Share via

I get a permissions error sending email with MS Graph

Steve Worthington 0 Reputation points
2025-01-24T02:34:07.81+00:00

I am getting a permissions error and not able to find an answer. To be sure, I even set up a second new Azure portal and subscription, again followed the instructions, again got the same error. I must be missing something basic.

One of the issues I guess is that Microsoft cannot decide on a name for something and keep it, so maybe I am reading the wrong Guid for the wrong field.

{"AADSTS90002: Tenant 'b9fcc91f-86a5-47dd-a8ef-749ec7ab7ac5' not found.

Check to make sure you have the correct tenant ID and are signing into the correct cloud.

Check with your subscription administrator, this may happen if there are no active subscriptions for the tenant.

Trace ID: 1dfdb1dd-caa4-40e6-a736-54ee303b0500

Correlation ID: d0ae8860-a9ab-4fb6-b5a0-b8531562975d Timestamp: 2025-01-23 21:02:03Z"}AzureAppRegistration

Here is my connection variables and where I am getting them from (See screen shot).

  ClientSecretCredential credential = new ClientSecretCredential(applicationClientId, directoryTenantId, clientSecretValue);

  GraphServiceClient graphClient = new GraphServiceClient(credential);

The clientSecretValue from the the value field under certificates and secrets.

Anyone shed any light on what I might be doing wrong please?

Yes there is a current subscription - 2 infact, including a Microsoft Partner one.

How do I determine the 'Correct Cloud' please in case that is it?

Thanks in advance,

Steve

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,893 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
11,244 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rajat Vashistha-MSFT 265 Reputation points Microsoft Vendor
    2025-01-24T08:53:55.3666667+00:00

    Hi Steve Worthington,

    Thank you for reaching out to Microsoft!

    The error message you're seeing, "Tenant 'b9fxxxxx-86a5-47xx-axxf-74xxx7abxxx5' not found," typically indicates that there might be an issue with the tenant ID or the cloud environment you're trying to access

    Here are a few steps to help troubleshoot this issue:

    Verify Tenant ID: Double-check that the tenant ID you're using is correct. You can find the tenant ID in the Azure portal under Azure Active Directory > Properties.

    1. Check Cloud Environment: Ensure you're signing into the correct cloud environment. Azure has multiple cloud environments. Make sure the tenant ID matches the cloud environment you're working with.
    2. Active Subscription: Confirm that there is an active subscription for the tenant. You can check this in the Azure portal under Subscriptions.

    Even after verifying the above, if the issue still persists, I recommend you raise a support case, a Support Engineer will be able to look into this issue and assist you better. You can raise support ticket from New support request - Microsoft Entra admin center or https://admin.microsoft.com/#/support/requests.

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.

    0 comments
  2. Yakun Huang-MSFT 9,550 Reputation points Microsoft Vendor
    2025-01-24T09:03:27.9366667+00:00

    Hello Steve Worthington,

    Thank you for reaching out to Microsoft Support!

    For your error, please refer to the relevant operation of the case, try testing in Postman first.

    In the meantime, when getting tokens, it is recommended that you use the following code instead:

    // The client credentials flow requires that you request the
// /.default scope, and pre-configure your permissions on the
// app registration in Azure. An administrator must grant consent
// to those permissions beforehand.
var scopes = new[] { "https://graph.microsoft.com/.default" };
// Values from app registration
var clientId = "YOUR_CLIENT_ID";
var tenantId = "YOUR_TENANT_ID";
var clientSecret = "YOUR_CLIENT_SECRET";
// using Azure.Identity;
var options = new ClientSecretCredentialOptions
{
    AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
};
// https://learn.microsoft.com/dotnet/api/azure.identity.clientsecretcredential
var clientSecretCredential = new ClientSecretCredential(
    tenantId, clientId, clientSecret, options);
var graphClient = new GraphServiceClient(clientSecretCredential, scopes);

    Reference document:

    https://learn.microsoft.com/en-us/graph/sdks/choose-authentication-providers?tabs=csharp#using-a-client-secret

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.