-1

I'm successfully getting an access token to resource https://manage.office.com from https ://login.microsoftonline.com/MYTENANTID/oauth2/token using grant_type client_credentials with my client ID and client secret.

But I always get "Authorization has been denied for this request" back when I try to use that token with to start a subscription using https ://manage.office.com/api/v1.0/MYTENANTID/activity/feed/subscriptions/start?contentType=Audit.SharePoint

There is only one Tenant. My app is in the same tenant I'm trying to access.

Do I have to do the client certificate thing with the manifest or can I use the secret key? This is service to service. Or is it that I'm not getting an authorization code first? I didn't think I needed to do that since this scenario doesn't require content

Any help greatly appreciated.

Randy Smith
  • 3
  • 2

1 Answers1

0

Based on the test, I am also not able to call this rest via the token request with the client id and secret.

To use this API, you can generate a self-signed certificate. Detail step about use certificate to request the app-only token please refer here.

Fei Xue
  • 14,369
  • 1
  • 19
  • 27
  • Thanks, I went the client certificate route and I still get the same error. I've verified that my code, cert and flow are correct because this all works fine with the Graph API. It's not permissions because I've given app all permission on Management API. Another programmer thinks the Management API is just not enabled on this tenant. I've opened a case with MS but anyone else run into that? – Randy Smith Aug 10 '16 at 14:33