Getting 401-Unauthorized while getting photo using outlook REST API - java cliet

Question

I am trying to retrieve user photo using outlook REST API(https://msdn.microsoft.com/en-us/office/office365/api/photo-rest-operations#UserphotooperationsGetphoto)

I got

Answer 1

According to the error message. Instead of a client_secret in your request body, you need a client_assertion.

For more details, you can reference the blog Building Daemon or Service Apps with Office 365 Mail, Calendar, and Contacts APIs (OAuth2 client credential flow)

According to the API you call "https://outlook.office.com/api/v2.0/me/photo/$value". It seems that you only want to get the photo for the current login user; if so, you can use Authorization Code Grant Flow to get the token which will not require the client certificates.

UPDATE#1:

Can this be done programmatically/API way

As far as I know, the consent need the user's or admin's interactivity.

https://login.windows.net/common/oauth2/authorize?response_type=code&client_id={0}&resource={1}&redirect_uri={2}&prompt={3}

If you are developing a ASP.NET web application, you can reference the sample project O365-WebApp-MultiTenant.

BTW, when calling the API with app-token, you need to specify the user name.

e.g.

https://outlook.office.com/api/v2.0/users('user1@customdomain.onmicrosoft.com')/messages

UPDATE#2:

The 403 code when updating the photo using the app token is expected result.

As we can see from the figure above, updating the user photo requires the delegated permission "User.Read.Write". The app token does not have permission to update user's photo.