Develop Reference

Delegation denied when try to send mail from another user's account - via api

In a browser, I can open my personal gmail account or I can open any delegated accounts by clicking the circle with my initial in and picking from the available delegates - no problem.
Via API however, I can get an access token for my personal account and use this to send mail from my own account. If I try to send from the delegated account then I get the error.
So I have a token for my personal account eg me#gmail.com
and post to https://gmail.googleapis.com/gmail/v1/users/**delegator#gmail.com**/drafts
because me#gmail.com has been delegated to by delagator#gmail.com I would expect the api call to work with my access token - in the same way as when I am signed in to my account in a browser then I can then open the delegator account without having to provide credentials again.
'{"error":{"code":403,"message":"Delegation denied for me#gmail.com","errors":[{"message":"Delegation denied for me#gmail.com","domain":"global","reason":"forbidden"}],"status":"PERMISSION_DENIED"}}'
Thanks for any help.

I think you are using a specific email address in the request. Maybe try by with userId="me".

How to get data from Microsoft Bing Ads API

I'm trying to get Bing ads spends from my firm. According to the Microsoft documentation, I understood that it's mandatory to use Microsoft Azure portal, get developer_token, client_id, tenant_id, client_secret, and access/refresh token to download the csv files with the data I want.
So, this is what I did:
I've received an invitation from my firm to Microsoft advertising onto this email adress:
abc#myfirm.fr, and I've generated my developer token.
With this email address, I've created a web application onto Microsoft Azure portal, which allow all king of users. Getting client_id, tenant_id, and generated a client_secret.
The redirect URL that I have chosen is http://localhost (according to the documentation but not sure this is the good URL to choose).
With Postman, I have tried with this endpoint:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
and the params (previously obtained) needed for the OAuth 2.0 authentication to get my access token. Without success.
The issue is here.
When I request the access token, a new browser window opens, and asks for an email address on which to authenticate. I'm using my email address abc#myfirm.fr and I received authentication completed onto Postman but into the response body I have access_token: invalid.
The role of my account is super admin.
So I'm trying to authenticate with a professional Microsoft Azure Account and this time I received into the browser Invalid redirect url.
I have also tried to start all over again with different email address, like my personal email address, or with the email address of the creator of the Microsoft Advertising account, and I get the error contact your system Admin into the browser.
I have also tried with the Python SDK project given in the documentation, with the error message.
I must have forgotten or misunderstood something.
Should we use the same email address (or same account) on Microsoft Advertising, on Microsoft Azure, and when obtaining the access token?
Do you have to pay and take an Azure subscription? (Already done but without success)
Thanks in advance, sorry for my English.
EDIT:
Thank for ypur reply. The full request is: https://login.microsoftonline.com/common/oauth2/v2.0/authorize with the following params:
-type: OAuth 2.0
-Header Prefix: Bearer
-Grant Type: Authorization Code
-Callback URL: https://localhost
-Auth URL: https://login.microsoftonline.com/{my-tenant_id}/oauth2/v2.0/authorize
-Access Token URL: https://login.microsoftonline.com/{my-tenant_id}/oauth2/v2.0/token
-my client id
-my client secret
-scope: https://ads.microsoft.com/ads.manage OR also testing with https://graph.microsoft.com/User.Read
-State: None
-Client authentication: send client credentials in body
Give me an access_token but when I click on use token and send the request, I'm not getting an refresh token

Once a user provides consent, you can get an access token and act on behalf of the user.
So when the browser session starts, you should enter your Microsoft Advertising credentials.
Remember to set scope=https://ads.microsoft.com/ads.manage in the request for acquiring the authorization code.
If you prefer to automate this process, you can refer to this script and steps to obtain an access token.

MS Graph teams api cann't post message to channel and get channel's messages

I use
https://graph.microsoft.com/v1.0/teams/team_id/channels/channel_id/messages
to get messages in channel and post message to channel, but I get an error when I want to get these messages
UnknownError
When I post messages to channel , it shows Unauthorized.
My code
$headers = array(
"Content-Type: application/json",
"Authorization: Bearer {$_SESSION["access_token"]}",
);
$post_params = json_encode(array(
"body"=>array("content"=>"Hello World")
));
Azure Permission

This api only supports delegated permissions, you need to grant ChannelMessage.Read.All delegated permissions, and then grant admin consent for the permissions.

Several APIs including "List Channel Messages" are Protected APIs. It doesn't matter whether your admin gave you permission or not. Microsoft itself must give you permission too.
More info
https://learn.microsoft.com/en-us/graph/teams-protected-apis#:~:text=Microsoft%20Teams%20APIs%20in%20Microsoft,before%20you%20can%20use%20them.
Permission request form (Yes I know the form below looks ridiculous unfortunately that's the only way you request permission, the link is also given in the page above)
https://aka.ms/teamsgraph/requestaccess

You can access the list of channel messages via GRAPH with right permission (ChannelMessages.Read.All) and if you use the BETA endpoint of it. This is not a good idea for production btw but will solve the issue so you dont need to request this from MS.
For this you have to request the endpoint with a loggedIn user. (Delegated)

HTTP 403 Error message when accessing Alexa Device Address API

When trying to call the Alexa Device Address API using the following HTTPS endpoint;
apiEndpoint/v1/devices/deviceId/settings/address/countryAndPostalCode
Header:
Authorization, "Bearer eyJ..... apiAccessToken"
I receive back an HTTP 403 response with an error message saying
{
"type": "FORBIDDEN",
"message": "The authentication token is not valid."
}
I have enabled the countryAndPostalCode permission in the skill, and ensured that it is granted within the Alexa iOS app.
The skill itself is still under development (not published), it's in the en-GB locale, and I'm testing from the Alexa iOS app under the same Amazon account.

I have enabled the countryAndPostalCode permission in the skill, and
ensured that it is granted within the Alexa iOS app.
To be safe, I suggest you to triple-check by navigating to Skill Settings > Permissions > Manage Permissions, and make sure the toggle for "Device Country and Postal Code" is enabled. I have seen some inconsistency on Android between the status shown on the Skill Settings page and the actual toggle state.
Double-check your header: {"Authorization": "Bearer " + apiAccessToken}. As you mentioned, consentToken has been deprecated, so it should be apiAccessToken. Also make sure you have a space between Bearer and apiAccessToken.
If it still doesn't work, try re-enabling the Skill. Perhaps you got into a bad state somehow.
As a side note, apparently it does not allow you to call the countryAndPostalCode API even if you have permission to retrieve the full address. So if you requested the full address permission, you have to call the full address API.

How to create an Alexa app to fetch users current location and tell him about my nearest office?

I am trying to create an app for my own business. I have 5 stores and I want an alexa app to tell the users that this particular store is closest to you go to this store.
Any help, any direction would be helpful.

You can use Device Address API to get address data for your skill.
Every request from Alexa will have an apiAccessToken included in its payload. You can use this apiAccessToken to fire appropriate request to the apiEndpoint mentioned in the Alexa request payload.
Simple having the apiAccessToken doesn't mean that you have access to resources (like address). You have to obtain the customer's permission to use address data associated with the customer's Alexa device. For this, users will have to either explicitly grant access to your skill under Settings menu of your Alexa skill or you will have to send a permission card to the user for consent.
In ask-node-sdk v2 you can send a permission card like this:
return handlerInput.responseBuilder
.speak(speechOutput)
.withAskForPermissionsConsentCard(['read::alexa:device:all:address'])
.getResponse();
where read::alexa:device:all:address is the permission value for Device Full Address.
Once the permission is granted, fire a GET request with deviceId and apiAccessToken to the specified apiEndpoint
Endpoint for Full Address is: /v1/devices/*deviceId*/settings/address
Country/region & postal code: /v1/devices/*deviceId*/settings/address/countryAndPostalCode
In ask-node-sdk v2 you can get address information like this:
const deviceAddressServiceClient = serviceClientFactory.getDeviceAddressServiceClient();
const address = await deviceAddressServiceClient.getFullAddress(deviceId);
Note: Requests from Alexa may also include a consentToken within session.user.permissions and context.System.user.permissions. This property is deprecated and the context.System.apiAccessToken property should be used instead.
More on Device Address API here