Bug report: the "permissionrequest list" command returns permission requests already exist #4671

@larry-lau

Description

The permissionrequest list command returns a request object that was already approved, and if you
execute permissionrequest approve on the request id, you will get the following error message.

If you navigate to the API Access page in the Admin center, the permissionrequest list command does not return the request. It appears something happens on the API Access page.

Error: An OAuth permission with the resource Microsoft Graph and scope User.Read already exists.
Parameter name: permissionRequest

Steps to reproduce

Attention: DO NOT navigate to the API Access page in SharePoint Admin Center between step 4 and step 6.

  1. Deploy an app that requires "Microsoft Graph > User.Read" permission.
  2. Approve the User.Read permission request.
  3. Retract the app.
  4. Redeploy the app.
  5. Execute m365 spo serviceprincipal permissionrequest list and you will get:
[
  {
    "Id": "xxxxx-xxx-xxxx-xxx-xxxxxxx",
    "Resource": "Microsoft Graph",
    "ResourceId": "Microsoft Graph",
    "Scope": "User.Read"
  }
]
  6. Execute m365 spo serviceprincipal permissionrequest approve --id <the request id in step 5>
Error: An OAuth permission with the resource Microsoft Graph and scope User.Read already exists.
Parameter name: permissionRequest

Expected results

Step 5 should not return any permission request since the permission was already approved in step 2.

Actual results

Step 5 returns a request that you cannot approve.

[
  {
    "Id": "xxxxx-xxx-xxxx-xxx-xxxxxxx",
    "Resource": "Microsoft Graph",
    "ResourceId": "Microsoft Graph",
    "Scope": "User.Read"
  }
]

Diagnostics

Executing command spo serviceprincipal permissionrequest approve with options {"options":{"id":"e0ebe990-d2af-4a96-9a8f-2b79fecfee9a","debug":true,"output":"text"}}
SPO URL previously retrieved https://.sharepoint.com. Returning...
Retrieving request digest...
Existing access token still valid. Returning...
Request:
{
"url": "https://-admin.sharepoint.com/_api/contextinfo",
"method": "post",
"headers": {
"common": {
"Accept": "application/json, text/plain, /"
},
"delete": {},
"get": {},
"head": {},
"post": {
"Content-Type": "application/x-www-form-urlencoded"
},
"put": {
"Content-Type": "application/x-www-form-urlencoded"
},
"patch": {
"Content-Type": "application/x-www-form-urlencoded"
},
"user-agent": "NONISV|SharePointPnP|CLIMicrosoft365/6.0.0",
"accept-encoding": "gzip, deflate",
"accept": "application/json;odata=nometadata",
"authorization": "Bearer "
},
"responseType": "json",
"decompress": true
}
Response:
{
"url": "https://-admin.sharepoint.com/_api/contextinfo",
"status": 200,
"statusText": "OK",
"headers": {
"cache-control": "private, max-age=0",
"transfer-encoding": "chunked",
"content-type": "application/json;odata=nometadata;streaming=true;charset=utf-8",
"expires": "Mon, 06 Mar 2023 22:05:29 GMT",
"last-modified": "Tue, 21 Mar 2023 21:05:29 GMT",
"vary": "Origin,Accept-Encoding",
"p3p": "CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"",
"x-networkstatistics": "0,525568,0,0,16445,0,81043",
"x-sharepointhealthscore": "2",
"x-sp-serverstate": "ReadOnly=0",
"dataserviceversion": "3.0",
"spclientservicerequestduration": "8",
"x-aspnet-version": "4.0.30319",
"x-databoundary": "NONE",
"x-1dscollectorurl": "https://mobile.events.data.microsoft.com/OneCollector/1.0/",
"x-ariacollectorurl": "https://browser.pipe.aria.microsoft.com/Collector/3.0/",
"sprequestguid": "a982a1a0-60a2-3000-4a1a-f0e2d9a548e8",
"request-id": "a982a1a0-60a2-3000-4a1a-f0e2d9a548e8",
"ms-cv": "oKGCqaJgADBKGvDi2aVI6A.0",
"strict-transport-security": "max-age=31536000",
"x-frame-options": "SAMEORIGIN",
"content-security-policy": "frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;",
"x-powered-by": "ASP.NET",
"microsoftsharepointteamservices": "16.0.0.23501",
"x-content-type-options": "nosniff",
"x-ms-invokeapp": "1; RequireReadOnly",
"x-cache": "CONFIG_NOCACHE",
"x-msedge-ref": "Ref A: 31C948063D1F4E6FB6F09158787DCB30 Ref B: YVR311000108047 Ref C: 2023-03-21T21:05:29Z",
"date": "Tue, 21 Mar 2023 21:05:29 GMT",
"connection": "close"
},
"data": {
"FormDigestTimeoutSeconds": 1799,
"FormDigestValue": "0x4901EA187E7681C99ACE4C3CAF82EE8B02959F0182E9235F43339A54CECDDDE6F49C4E8AD2D61FB16843BC99A7C2E03BA3EFF35AFEADCDBD79233CC189DE7959,21 Mar 2023 21:05:29 -0000",
"LibraryVersion": "16.0.23508.12004",
"SiteFullUrl": "https://-admin.sharepoint.com",
"SupportedSchemaVersions": [
"14.0.0.0",
"15.0.0.0"
],
"WebFullUrl": "https://-admin.sharepoint.com"
}
}
Existing access token still valid. Returning...
Request:
{
"url": "https://-admin.sharepoint.com/_vti_bin/client.svc/ProcessQuery",
"method": "post",
"headers": {
"common": {
"Accept": "application/json, text/plain, /"
},
"delete": {},
"get": {},
"head": {},
"post": {
"Content-Type": "application/x-www-form-urlencoded"
},
"put": {
"Content-Type": "application/x-www-form-urlencoded"
},
"patch": {
"Content-Type": "application/x-www-form-urlencoded"
},
"user-agent": "NONISV|SharePointPnP|CLIMicrosoft365/6.0.0",
"accept-encoding": "gzip, deflate",
"X-RequestDigest": "",
"authorization": "Bearer "
},
"responseType": "text",
"decompress": true,
"data": "<Request AddExpandoFieldTypeSuffix="true" SchemaVersion="15.0.0.0" LibraryVersion="16.0.0.0" ApplicationName="CLI for Microsoft 365 v6.0.0" xmlns="http://schemas.microsoft.com/sharepoint/clientquery/2009\"><ObjectPath Id="16" ObjectPathId="15" /><ObjectPath Id="18" ObjectPathId="17" /><ObjectPath Id="20" ObjectPathId="19" /><ObjectPath Id="22" ObjectPathId="21" /><Query Id="23" ObjectPathId="21"><Query SelectAllProperties="true"><Constructor Id="15" TypeId="{104e8f06-1e00-4675-99c6-1b9b504ed8d8}" /><Property Id="17" ParentId="15" Name="PermissionRequests" /><Method Id="19" ParentId="17" Name="GetById"><Parameter Type="Guid">{e0ebe990-d2af-4a96-9a8f-2b79fecfee9a}<Method Id="21" ParentId="19" Name="Approve" />"
}
Response:
{
"url": "https://-admin.sharepoint.com/_vti_bin/client.svc/ProcessQuery",
"status": 200,
"statusText": "OK",
"headers": {
"cache-control": "private",
"transfer-encoding": "chunked",
"content-type": "application/json; charset=utf-8",
"vary": "Accept-Encoding",
"p3p": "CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"",
"set-cookie": [
"SPWorkLoadAttribution=Url=https://-admin.sharepoint.com/_vti_bin/client.svc/ProcessQuery&AppId=E0D3C05D-9133-40D1-8413-1C4522A4E7C2; expires=Tue, 21-Mar-2023 21:05:59 GMT; path=/"
],
"x-networkstatistics": "0,525568,0,0,7670,0,45345",
"x-sharepointhealthscore": "2",
"x-sp-serverstate": "ReadOnly=0",
"spclientservicerequestduration": "2876",
"x-aspnet-version": "4.0.30319",
"x-databoundary": "NONE",
"x-1dscollectorurl": "https://mobile.events.data.microsoft.com/OneCollector/1.0/",
"x-ariacollectorurl": "https://browser.pipe.aria.microsoft.com/Collector/3.0/",
"sprequestguid": "a982a1a0-40ac-3000-5249-01ab2d47b1e1",
"request-id": "a982a1a0-40ac-3000-5249-01ab2d47b1e1",
"ms-cv": "oKGCqaxAADBSSQGrLUex4Q.0",
"strict-transport-security": "max-age=31536000",
"x-frame-options": "SAMEORIGIN",
"content-security-policy": "frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;",
"x-powered-by": "ASP.NET",
"microsoftsharepointteamservices": "16.0.0.23501",
"x-content-type-options": "nosniff",
"x-ms-invokeapp": "1; RequireReadOnly",
"x-cache": "CONFIG_NOCACHE",
"x-msedge-ref": "Ref A: 0BD77B39B71A4716A0FC1DFB63F99786 Ref B: YVR311000109053 Ref C: 2023-03-21T21:05:29Z",
"date": "Tue, 21 Mar 2023 21:05:31 GMT",
"connection": "close"
},
"data": "[\r{\r"SchemaVersion":"15.0.0.0","LibraryVersion":"16.0.23508.12004","ErrorInfo":{\r"ErrorMessage":"An OAuth permission with the resource Microsoft Graph and scope User.Read already exists.\r\nParameter name: permissionRequest","ErrorValue":null,"TraceCorrelationId":"a982a1a0-40ac-3000-5249-01ab2d47b1e1","ErrorCode":-2147024809,"ErrorTypeName":"System.ArgumentException"\r},"TraceCorrelationId":"a982a1a0-40ac-3000-5249-01ab2d47b1e1"\r}\r]"
}
Error: An OAuth permission with the resource Microsoft Graph and scope User.Read already exists.
Parameter name: permissionRequest

CLI for Microsoft 365 version

v6.0.0

nodejs version

v16.18.1

Operating system (environment)

Windows

Shell

PowerShell

cli doctor

No response

Additional Info

No response
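
One way for an approval script to avoid the error in this report, as an added example (not code from the reporter or from CLI for Microsoft 365): reconcile the output of permissionrequest list against the grants that already exist, for instance from m365 spo serviceprincipal grant list, and approve only what is not yet granted. The grant records, their field names, the helper names and all sample values are assumptions constructed for illustration.

```javascript
// Constructed sample: output of `m365 spo serviceprincipal permissionrequest list`.
// Field names follow the report above; the Ids are made-up placeholders.
const pendingRequests = [
  { Id: "00000000-0000-0000-0000-000000000001", Resource: "Microsoft Graph", ResourceId: "Microsoft Graph", Scope: "User.Read" },
  { Id: "00000000-0000-0000-0000-000000000002", Resource: "Microsoft Graph", ResourceId: "Microsoft Graph", Scope: "Mail.Read" }
];

// Constructed sample of grants that already exist in the tenant.
// Assumption: each grant exposes Resource and Scope, and Scope may carry
// several space-separated scope names.
const existingGrants = [
  { ObjectId: "constructed-grant-1", Resource: "Microsoft Graph", Scope: "User.Read Sites.Read.All" }
];

// Key that identifies one (resource, scope) pair, the same pair the
// "already exists" error in the report is raised on.
const pairKey = (resource, scope) => `${String(resource).trim()}|${String(scope).trim()}`;

// Expand every grant into the set of (resource, scope) pairs it covers.
function grantedPairs(grants) {
  const pairs = new Set();
  for (const grant of grants) {
    const scopes = String(grant.Scope || "").split(/\s+/).filter(Boolean);
    for (const scope of scopes) {
      pairs.add(pairKey(grant.Resource || "", scope));
    }
  }
  return pairs;
}

// Split pending requests into those still worth reviewing and those that
// duplicate an existing grant (approving the latter fails as in the report).
function triageRequests(requests, grants) {
  const granted = grantedPairs(grants);
  const result = { actionable: [], stale: [] };
  for (const request of requests) {
    const isStale = granted.has(pairKey(request.Resource, request.Scope));
    result[isStale ? "stale" : "actionable"].push(request);
  }
  return result;
}

const triage = triageRequests(pendingRequests, existingGrants);
console.log("review before approving:", triage.actionable.map(r => `${r.Id} ${r.Scope}`));
console.log("already granted, skip approve:", triage.stale.map(r => `${r.Id} ${r.Scope}`));
```

Stale entries are reported rather than approved, so an unattended pipeline neither fails on the error above nor approves a scope nobody reviewed.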
