Getting 'Service_InternalServerError' when creating application through Graph API in Azure AD


I am trying to create an application in Azure AD programmatically. I added an initial app in the management portal and granted permissions to the Graph API and Active Directory (Directory read/write in both).

First I acquire authorization code, sample url formation is below:

require 'addressable/uri'

# Build the authorization URL for the Azure AD (v1) OAuth2 code flow.
uri = Addressable::URI.parse('https://login.microsoftonline.com/common/oauth2/authorize')
uri.query_values = {
  response_type: 'code',
  response_mode: 'form_post',
  client_id: <Application ID>,
  redirect_uri: <Redirect URI>,
  resource: 'https://graph.windows.net/',
  state: <UUID>,
}

Afterwards I get the auth token through the request below:

require 'oauth2'

client = OAuth2::Client.new(client_id,
                            client_secret,
                            :site => 'https://login.microsoftonline.com',
                            :authorize_url => '/common/oauth2/authorize',
                            :token_url => '/common/oauth2/token')

# Exchange the authorization code for an access token.
auth_token = client.auth_code.get_token(auth_code,
                                        :redirect_uri => redirect_uri,
                                        :scope => 'openid')

Finally I can make a Graph API call to the applications endpoint to add an app:

require 'faraday'
require 'json'

graph_url = 'https://graph.windows.net/<TENANT ID>/applications?api-version=1.6'
body = {
  'identifierUris' => ['<URI>'],
  'availableToOtherTenants' => true,
  'homepage' => <Home PAGE>,
  'replyURLs' => <SOME REPLY URL>,
  'displayName' => <APP DISPLAY NAME>,
}
# Bearer token from the code exchange above.
headers = {'Content-Type' => 'application/json', 'Authorization' => "Bearer #{auth_token.token}"}
conn = Faraday.new(graph_url, {headers: headers})
res = conn.post graph_url, body.to_json

In response I get the error below, which is not very descriptive, and I'm not sure what's wrong:

{"odata.error"=>{"code"=>"Service_InternalServerError", "message"=>{"lang"=>"en", "value"=>"Encountered an internal server error."}}}

Any suggestions are appreciated.


I fixed my problem with getting an internal error when trying to create an app. Be careful when forming the 'body' for the HTTP request. I was adding an extra '/' at the end of the URL in the 'replyUrls' property. Also, adding the data type for each property is important. Here is the sample request that worked for me:

# Each collection-valued property carries a "<property>@odata.type" annotation
# (the annotation keys were mangled by the page's e-mail obfuscation and are
# restored here); "replyUrls" matches the property name given in the text above.
body = {
  "odata.type" => "Microsoft.DirectoryServices.Application",
  "identifierUris" => ["https://mynamehere.com/#{someidentifier}"],
  "identifierUris@odata.type" => "Collection(Edm.String)",
  "availableToOtherTenants" => true,
  "homepage" => 'https://myhomepage.com',
  "replyUrls" => ["http://localhost:3000/someUrl"],
  "replyUrls@odata.type" => "Collection(Edm.String)",
  "displayName" => 'This is my app',
}

Here is a link to the blog post that was helpful:

http://blog.mszcool.com/index.php/2016/06/a-deep-dive-into-azure-ad-multi-tenant-apps-oauthopenidconnect-flows-admin-consent-and-azure-ad-graph-api/
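As an added example (not the poster's code), here is a Ruby helper that builds the payload the answer arrived at and checks each reply URL before anything is sent, since reply URLs are the app's OAuth redirect allowlist and a sloppy entry is both a likely cause of the opaque 500 and a real weakness. The property names follow the answer; the validation rules (absolute URL, https except for localhost, no fragment, no wildcard host, no trailing slash) are this example's own assumptions.

```ruby
require 'json'
require 'uri'

# Added example, not the poster's code. Builds the Azure AD Graph 1.6
# application payload from the answer, validating reply URLs first.
class ReplyUrlError < StandardError; end

# Reject reply URLs that would either trip the API (trailing '/', as the
# answer found) or weaken the redirect allowlist (assumed rules).
def validate_reply_url!(url)
  uri = URI.parse(url)
  raise ReplyUrlError, "#{url}: must be absolute" unless uri.absolute? && uri.host
  raise ReplyUrlError, "#{url}: no trailing '/'" if url.end_with?('/')
  raise ReplyUrlError, "#{url}: no fragment" if uri.fragment
  raise ReplyUrlError, "#{url}: no wildcard host" if uri.host.include?('*')
  local = %w[localhost 127.0.0.1].include?(uri.host)
  unless uri.scheme == 'https' || (uri.scheme == 'http' && local)
    raise ReplyUrlError, "#{url}: https required except for localhost"
  end
  url
rescue URI::InvalidURIError => e
  raise ReplyUrlError, "#{url}: #{e.message}"
end

# Returns the request body as a Hash; every collection-valued property gets
# the "@odata.type" annotation the answer found necessary.
def build_application_body(display_name:, identifier_uris:, reply_urls:,
                           homepage:, multi_tenant: false)
  reply_urls.each { |u| validate_reply_url!(u) }
  {
    'odata.type' => 'Microsoft.DirectoryServices.Application',
    'displayName' => display_name,
    'identifierUris' => identifier_uris,
    'identifierUris@odata.type' => 'Collection(Edm.String)',
    'replyUrls' => reply_urls,
    'replyUrls@odata.type' => 'Collection(Edm.String)',
    'homepage' => homepage,
    'availableToOtherTenants' => multi_tenant
  }
end

# JSON string ready to hand to Faraday's post.
def application_json(**opts)
  JSON.generate(build_application_body(**opts))
end
```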