Share via

Microsft Graph Error: ClientSecretCredential authentication failed: AADSTS9002331: Application 'xxxxx' is configured for use by Microsoft Account users only. Please use the /consumers endpoint to serve this request.

David Garavit 0 Reputation points
2024-11-24T05:35:48.6166667+00:00

I need to send emails from a desktop application. I have read a lot of threads about this matter and using the codes shared all over internet to send email using microsoft graph with no luck. I'm using my personal outlook account to be used within the application, and now I'm wondering if that is even possible. I have done all configurations on Microsoft Entra Admin center: register application (using every supported account types); added the corresponding API permissions (Mail.Send delegated as well as application types); Added certificates & Secrets. At this point I'm clue less. Any advise what else I should be doing?

Thanks

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,437 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,384 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. akinbade abiola 19,455 Reputation points
    2024-11-24T22:44:54.68+00:00

    Hello David Garavit

    Register the app using the steps here: https://learn.microsoft.com/en-us/advertising/guides/authentication-oauth-register?view=bingads-13

    In the Supported account types section, select Accounts in any organizational directory and personal Microsoft accounts.Supported account types

    You can mark it 'Accept Answer' and 'Upvote' if this helped you

    Regards,

    Abiola

  2. CarlZhao-MSFT 43,011 Reputation points
    2024-11-25T02:02:44.4366667+00:00

    Hi @David Garavit

    As the error message says, if your application has been configured for use only by Microsoft account users, you must use the /consumers endpoint to authenticate the user and request a token.

    Request an authorization code:

    GET https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?
client_id=00001111-aaaa-2222-bbbb-3333cccc4444
&response_type=code
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&response_mode=query
&scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
&state=12345

    Request a token:

    POST https://login.microsoftonline.com/consumers/oauth2/v2.0/token 

client_id=11112222-bbbb-3333-cccc-4444dddd5555
&scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
&code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&grant_type=authorization_code
&code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong 
&client_secret=sampleCredentia1s

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.