MS Graph API: microsoft.graph.createLink not creating anonymous view links - onedrive

I'm using graph API to iterate over a folder in OneDrive for Business. I'm attempting to generate "anonymous view" links for each item in the folder using the following call:
/v1.0/users('user-guid')/drive/items/item-id/microsoft.graph.createLink
with the body:
{
"type": "view",
"scope": "anonymous"
}
This works correctly for items that have already been given the "View link- no sign-in required" permission via the OneDrive UI. However, executing this call against an item that doesn't have this sharing option already set, results in the following return message:
{
"error": {
"code": "unauthenticated",
"message": "The caller is not authenticated.",
"innerError": {
"request-id": "1c3600ec-4861-4be4-9a7b-74264f488a80",
"date": "2016-03-13T02:30:10"
}
}
}
I know that this is not an authentication issue because my token works fine for all other calls (and calls against items that already have their file sharing set). I get the same behavior from the Microsoft Graph Explorer tool. If I manually set the "View link - no sign-in required" permission in OneDrive this call executes perfectly. My credentials for the API call are the same credentials I'm using to set the permissions in the OneDrive UI.
The documentation for microsoft.graph.createLink states
The createLink method will create a new sharing link if the specified link type doesn't already exist. If a sharing link of the specified type already exists for the app, the existing sharing link will be returned.
Any ideas what's going wrong here?

The url should be simply /createLink (without the microsoft.graph prefix):
POST /me/drive/items/{item-id}/createLink

Related

Http delete request to Google Directory API returning 412 Precondition is not met: location If-Match

I have been using Postman to send http requests to Google's Directory API. The GET request works fine (which shows that the admin token as well works fine) to get info for a user.
But, what I need to do is delete the user, and when I try this, I get the following back:
{
"error": {
"code": 412,
"message": "Precondition is not met.",
"errors": [
{
"message": "Precondition is not met.",
"domain": "global",
"reason": "conditionNotMet",
"location": "If-Match",
"locationType": "header"
}
]
}
}
I was presupposing that I was missing the etag, which is what I added from the user, but it did not work. I also tried adding "*" to the If-Match tag, and that did not work either. Maybe there is a way with a put or patch request?
The API reference is this: https://developers.google.com/admin-sdk/directory/reference/rest/v1/users/delete
The API does not work on Google's reference page either. I have also tried this in multiple domains where I am the super-admin so the error is not related to a specific super-user or domain.
I have also made sure, in multiple tests, that the user I am trying to delete is not an admin of any type.
I am adding images below to show that the GET api works fine. So I just need to know how to format the API request to be able to delete the user.
Ok, after talking directly to Google and even seeing that Jay Lee (author of GAM) ran into the same problem, we found out that you can't delete a user if:
It has a license of some sort
It's an admin
It has a Google Vault retention rule applied
To be able to delete a user from now on, you must remove all these things (licenses, admin privileges, Vault retention rules) or you must transfer the information of that user to another user (along with whatever else Google asks you to remove beforehand).
The "Precondition is not met" is vague and Google should change this, but it means that one of the three things above have not been removed yet.
Below I am adding multiple links to confirm what I mentioned above as well as the APIs you need to use on users before being able to delete them.
https://groups.google.com/g/google-apps-manager/c/83kR-4MoPk0?pli=1
https://github.com/GAM-team/GAM/releases?gam-releases
https://developers.google.com/admin-sdk/data-transfer/reference/rest/v1/transfers#DataTransfer
https://developers.google.com/vault/guides/holds#python
https://developers.google.com/vault/reference/rest/v1/matters.holds.accounts/list

Video Indexer Render Project API not working

I am trying to render a project I created using the Video Indexer "Create Project" API call, but I am getting the following error:
{
"ErrorType": "USER_NOT_ALLOWED",
"Message": "Token is authorized to access only a video. Trace id: '6a0bd50f-d25e-405f-b853-86847c8a1bca"
}
I'm following the following steps from the API documentation:
Create a project:
https://api.videoindexer.ai/{location}/Accounts/{accountId}/Projects[?accessToken]
This returns the new project information and 200 Ok status code.
Get the project access token by sending a GET request to:
https://api.videoindexer.ai/Auth/{location}/Accounts/{accountId}/Projects/{projectId}/AccessToken[?allowEdit]
An access token is returned successfully.
Send a POST request to render the video:
https://api.videoindexer.ai/{location}/Accounts/{accountId}/Projects/{projectId}/render[?sendCompletionEmail][&accessToken]
** for the access token parameter, I am passing in the project access key in all cases
However, the documentation for this API doesn't specify the schema for the body of the call, so when I send an empty body, it returns the error:
{
"ErrorType": "USER_NOT_ALLOWED",
"Message": "Token is authorized to access only a video. Trace id: '6a0bd50f-d25e-405f-b853-86847c8a1bca"
}
I have also tried a different approach of calling the Project widget and using the "Render" button that the widget provides, but I can neither save nor render the videos that show up in the project.
My end goal is to be able to edit the videos and render the selected video ranges.
Any advice regarding this issue is welcome.
Rendering a project is an operation that requires access to other videos in your Video Indexer account (the videos that are included in the project).
Therefore, make sure you use an account access token (obtained with allowEdit=true) for step 3, or just use the same token you used to create the project from step 1.

Checkout and Transaction API Permissions error

I am currently trying to create a transaction or checkout from Postman, I set the Header with a full access token but the API always response:
{
"errors": [
{
"category": "AUTHENTICATION_ERROR",
"code": "FORBIDDEN",
"detail": "You have insufficient permissions to perform that action."
}
]
}
Attach the OAuth screen.Permissions image
and the postman request. https://www.getpostman.com/collections/4fe6fec54384fc10d152
Unfortunately, this is due to you not being in one of the countries currently available to Square's APIs: https://docs.connect.squareup.com/articles/faq-international-availability?q=country. You will not be able to make payments using the API when outside of the countries listed above.
Furthermore, you should never share your personal access token with anyone (which you show in your screenshot). Please change this immediately, by navigating to your Square dashboard and clicking "Replace" on your "Credentials" tab.

Google Surveys api - INVALID_CREDENTIALS

I try get surveys results through the api, but I am still getting an errors.
I am able to get google calendar events, but when I try get list of surveys, or results (https://www.googleapis.com/surveys/v2/surveys/{survey_ID}/results), I am getting:
"domain": "global",
"reason": "INVALID_CREDENTIALS",
"message": "User must be authenticated to make this call. Request Id: 5a73195500ff0c64532dccb0ef0001737e3430322d747269616c320001707573682d30312d33312d72313100010163",
"locationType": "header",
"location": "Authorization"
}
It looks like I have bad access token, but with same token and method, I get for example calendar events.
It looked like I have no scope, but when I issue this request https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={valid_token} I get correct answer:
"issued_to": "822311642112-***********.apps.googleusercontent.com",
"audience": "822311642112-***********.apps.googleusercontent.com",
"scope": "https://www.google.com/calendar/feeds/ https://www.googleapis.com/auth/surveys",
"expires_in": 2983,
"access_type": "offline"
I have enabled Survey api in my account. I am running this code from visual foxpro desktop application over windows object Microsoft.XMLHTTP
Any idea what am I doing wrong?
EDIT:
This is not duplicate of this question because my authentication credentials work fain with calendar, but not working with surveys.
It looks like Maia Werbos has correct answer for me, now I am getting response that request is correct (status: 200), but response contains just requestId.
Maia thank you very much.
Your request shows that you have the following two OAuth scopes enabled:
https://www.google.com/calendar/feeds/
https://www.googleapis.com/auth/surveys
But you also need to have the email scope enabled to use the Surveys API (see the Surveys API Getting Started Guide for more info):
https://www.googleapis.com/auth/userinfo.email

I get a response 'Not authorized to create: TestCase"

I used Rally API to create a test case. I was able to create test cases with out any issues. However when I used a different login user to create the test case, Rally gives me the following response:
{"CreateResult": {"_rallyAPIMajor": "2", "_rallyAPIMinor": "0", "Errors": ["Not authorized to create: TestCase"], "Warnings": ["It is no longer necessary to append \".js\" to WSAPI resources."]}}
There is no indication that this is anything other than a permission issue. Make sure that the new user is not a read-only user and make sure this user has editor rights in the project where you are creating a test case. There are no special API permissions. If you can create a test case in a project using UI you should be able to create a user in the same project with WS API.
You can set a project reference: -
JsonObject newObj = new JsonObject();
newObj.addProperty("Project", "789900"); // replace with actual project id
NOTE The project ID can be found in the Rally URL itself (if you are pointing to the required project)