Iām trying to connect to the graph.microsoft.com API and Iām getting the following error. Iām not completely sure, but I think it might be related to location. Could someone please guide me?
Thanks.
Endpoints tested:
bashCopiarEditarGET https://graph.microsoft.com/v1.0/meGET https://graph.microsoft.com/v1.0/me/messages
Permissions (scopes):
pgsqlCopiarEditarAPIConnectors.Read.AllFiles.ReadFiles.Read.AllFiles.ReadWrite.Alloffline_accessUser.Read
Also tested:
bashCopiarEditarGET https://graph.microsoft.com/v1.0/me/drive/root/children
Iām trying to retrieve the list of email messages, but I canāt because this error appears.
Note: When I test it in Postman, it works correctly.
HTTP/1.1 401 Unauthorized
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
request-id: d8a056d7-598d-4df9-963d-c0bb3196f242
client-request-id: d8a056d7-598d-4df9-963d-c0bb3196f242
x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"East US","Slice":"E","Ring":"5","ScaleUnit":"008","RoleInstance":"BL02EPF0001B4C1"}}
Content-Type: application/json
WWW-Authenticate: Bearer realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000", error_description="Continuous access evaluation resulted in challenge with result: InteractionRequired and code: LocationConditionEvaluationSatisfied", error="insufficient_claims", claims="eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwidmFsdWUiOiIxNzU0ODEwMTI2In0sInhtc19ycF9pcGFkZHIiOnsidmFsdWUiOiI0NC4yMjIuMjIuMjE0In19fQ==",PoP realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000", nonce="eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IkUyQjk5NkMwNjdBQUFEOTI0QkVDQUY3MkY4NjA3REQyRTQzMjgzMEYifQ.eyJ0cyI6MTc1NDgxMDEwMH0.f6jdyUVgFmBHgOsDTZWA22efEhzmzxpyYGdOATQnVbuRgGElBd1bx68YfiYtFjlN_DbjbD9NFmMz6pFJO02gHEpPHbtx2pr0IPBKgd4jhfzwBGCYDAYyQqK2BSrLD-Zs_yj1sdn7HbfkXrp53pMNV9_A7Lq5Cgpddsa2VFTeE_zjgUOI0pV67MTxD1cy58y1J2-CYBUyjnRGvlxc0gRHnDX1xx2j-C8DuKu7Rsht7LM5spbeEwXPwwtlQPTYADEuNg8x2RljwPqpkCm-x83WqUZfaOyB0rqakAjh-rfDiGM10aEx0NtIYc7SgKpm5EsE529fIfI5Er6xg3ZDJ31DNQ"
Date: Sun, 10 Aug 2025 07:15:26 GMT
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "Continuous access evaluation resulted in challenge with result: InteractionRequired and code: LocationConditionEvaluationSatisfied",
"innerError": {
"date": "2025-08-10T07:15:26",
"request-id": "d8a056d7-598d-4df9-963d-c0bb3196f242",
"client-request-id": "d8a056d7-598d-4df9-963d-c0bb3196f242"
}
Hi @Ananias GutiƩrrez Carpio ,
401 means unauthorised that means you are not allowed to make this api call.
May i know what is the source of your token?
Have you validated this api call using postman? Or you are testing this directly in Outsystems?
I would recommend you to check the token generation step one more time and try to do this exercise first using postman, it will be quick and easier to debug this in postman instead of doing it in Outsystems.
https://learn.microsoft.com/en-us/graph/resolve-auth-errors
Regards
Manish Jawla
Hi ,
The reasons of failure
The error means Azure AD Conditional Access policy (location-based) blocked the token youāre using.
OutSystems code is likely using a token that does not include the extra claims Azure AD requires.
Postman works because you log in interactively and satisfy the policy.
So now again in OutSystems, you must either:
Re-authenticate interactively with the claims challenge, or
Ensure youāre always using a token from a trusted/allowed network while call the api from outsystemsAlso refer this one https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-assignment-network