Insufficent privileges when accessing azure graph api users list

Question

I\'m trying to fetch users from azure active directory using graph api. I\'ve tried many ways, none of them worked, but let\'s stick to simplest one - using this instruction and

Answer 1

As you are integrating AAD in app only applications, as the description at https://graph.microsoft.io/en-us/docs/authorization/app_only:

After you register the application, configure the application permissions that your service or daemon app requires.

So, firstly, you may check out whether you have configured the correct permission on Azure portal:

According to your error message:

Insufficient privileges to complete the operation

And the application permissions require that your application has admin privileges. You can try to upgrade the role of the AD application you use to a administrator permission. Run the following commands in PowerShell:

Connect-MsolService
$ClientIdWebApp = '{your_AD_application_client_id}'
$webApp = Get-MsolServicePrincipal –AppPrincipalId $ClientIdWebApp
#use Add-MsolRoleMember to add it to "Company Administrator" role).
Add-MsolRoleMember -RoleName "Company Administrator" -RoleMemberType ServicePrincipal -RoleMemberObjectId $webApp.ObjectId