Hi
I am using the below script to add the users shared one drive folder as a favourite to all users in the group. When I run the script I get a 403 Forbidden Access denied error.
I am using a global admin account and graph has files.readwrite.all and user.readwrite.all
Connect-MgGraph -Scopes “User.ReadWrite.All, Files.ReadWrite.All”
Define the group ID and the shared folder ID
$groupId = “XXXXXXXXXXXXX”
$sharedFolderId = “XXXXXXXXXXX”
Get the members of the group
$members = Get-MgGroupMember -GroupId $groupId
foreach ($member in $members) {
# Add the shared folder to the member’s favorites
Invoke-MgGraphRequest -Method POST -Uri “https://graph.microsoft.com/v1.0/users/$($member.Id)/drive/items/$sharedFolderId/follow”
}
Hi, welcome to the forum
Firstly, when posting code in the forum, please can you use the preformatted text </> button. It really helps us with readability, and copying and pasting your code (we don’t have to faff about replacing curly quote marks to get things working). If you can’t see the </> in your toolbar, you will find it under the gear icon.
The way you’re connecting, you’re using delegated access. I’m guessing you don’t have access to everybody’s OneDrive which is what you would need to use delegated access.
To access every OneDrive without granting your account permissions on every OneDrive, you need to use application permissions. Essentially, create an App Registration authorized for access, then connect to Graph using the App Registration.