"Missing access_token" Need Help with Custom GPT Project Integrated with Microsoft Graph API

Hello everyone,

I’m currently working on a project where I’m trying to create a custom GPT model with specific actions and have it connected to OneDrive and Microsoft To Do List via the Microsoft Graph API. The idea is to leverage the AI capabilities of GPT for enhanced task management and data handling in these Microsoft applications.

So far, I’ve made some progress:

  1. Authentication: I’ve set up the authentication process, and I can successfully log in.
  2. Permissions: After logging in, the necessary permissions are requested and, upon acceptance, it redirects to my GPT application.

Issue Encountered: However, I’ve hit a roadblock. After the redirection to the GPT interface, I encounter an error message stating “Missing access_token”. This is where I’m stuck and I’m not sure how to proceed.

What I’ve Tried:

  • I’ve double-checked the authentication flow to ensure that the permissions and redirection are correctly configured.
  • I’ve also looked into the documentation to see if I missed any steps regarding token acquisition.

What I Need Help With:

  • Understanding why the “access_token” is missing despite a seemingly successful login and permission acceptance.
  • Guidance on how to correctly retrieve and handle the access_token in this context.
  • Any insights or suggestions on best practices when integrating a custom GPT model with Microsoft Graph API.

I would greatly appreciate any advice, insights, or resources you could share. If anyone has experience with similar integrations or has faced and resolved this type of issue, your guidance would be invaluable.

Thank you in advance for your time and help!

Best regards

here is my openAPI Schema:

{
“openapi”: “3.1.0”,
“info”: {
“title”: “Microsoft To Do API”,
“description”: “API for managing Microsoft To Do lists and tasks.”,
“version”: “v1.0”
},
“servers”: [
{
“url”: “https://graph.microsoft.com/v1.0
}
],
“paths”: {
“/me/todo/lists”: {
“get”: {
“description”: “Get all the todoTaskList in the user’s mailbox”,
“operationId”: “listTodoTaskLists”,
“responses”: {
“200”: {
“description”: “A collection of todoTaskList objects”
}
}
}
},
“/me/todo/lists/{todoTaskListId}/tasks”: {
“get”: {
“description”: “Get all the todoTask resources in the specified list”,
“operationId”: “listTasksInTodoTaskList”,
“responses”: {
“200”: {
“description”: “A collection of todoTask objects”
}
}
}
},
“/me/todo/lists/{todoTaskListId}/tasks/{todoTaskId}/checklistItems”: {
“get”: {
“description”: “Get a list of the checklistItem objects and their properties”,
“operationId”: “listChecklistItems”,
“responses”: {
“200”: {
“description”: “A collection of checklistItem objects”
}
}
}
},
“/me/todo/lists/{todoTaskListId}/tasks/{todoTaskId}/linkedresources”: {
“get”: {
“description”: “Get the linkedResources from the linkedResources navigation property”,
“operationId”: “listLinkedResources”,
“responses”: {
“200”: {
“description”: “A collection of linkedResource objects”
}
}
}
}
},
“components”: {
“schemas”: {
“todoTaskList”: {
“type”: “object”,
“properties”: {
“id”: {
“type”: “string”
},
“displayName”: {
“type”: “string”
},
“isOwner”: {
“type”: “boolean”
},
“isShared”: {
“type”: “boolean”
},
“wellknownListName”: {
“type”: “string”
}
}
},
“todoTask”: {
“type”: “object”,
“properties”: {
“id”: {
“type”: “string”
},
“title”: {
“type”: “string”
},
“status”: {
“type”: “string”
}
}
},
“checklistItem”: {
“type”: “object”,
“properties”: {
“id”: {
“type”: “string”
},
“displayName”: {
“type”: “string”
},
“isChecked”: {
“type”: “boolean”
}
}
},
“linkedResource”: {
“type”: “object”,
“properties”: {
“id”: {
“type”: “string”
},
“applicationName”: {
“type”: “string”
},
“displayName”: {
“type”: “string”
},
“externalId”: {
“type”: “string”
},
“webUrl”: {
“type”: “string”
}
}
},
“securitySchemes”: {
“OAuth2”: {
“type”: “oauth2”,
“flows”: {
“authorizationCode”: {
“authorizationUrl”: “Sign in to your account”,
“tokenUrl”: “Sign in to your account”,
“scopes”: {
“Tasks.Read”: “Read user tasks”,
“Tasks.ReadWrite”: “Read and write user tasks”,
“Tasks.Read.Shared”: “Read shared tasks”,
“Tasks.ReadWrite.Shared”: “Read and write shared tasks”
}
}
}
}
}
}
},
“security”: [
{
“OAuth2”: [
“Tasks.Read”,
“Tasks.ReadWrite”,
“Tasks.Read.Shared”,
“Tasks.ReadWrite.Shared”
]
}
]
}

THis is the error extractet from network tracing(changed the ids):

{success: false, error: “Missing access_token”,…}
error
:
“Missing access_token”
message
:
“Missing access_token”
redirect_path
:
“/g/g-rPrgdsfq-to-task/c/gsgs-148sfsdfdsdsf-bd2e-acacfvsgv4w4t4”
success
:
false

{pageProps: {pluginId: “g-ec5d4agasdfsd58a6afasfasf3058ea”,…}, __N_SSP: true}
pageProps
:
{pluginId: “g-ec5d4rhtrthft43058ea”,…}
code
:
“M.C107_SN1.2dhdg1-1b15-wrgr9-4sfsdf9-71592sfsd02”
pluginId
:
“g-ec5d4f368fhtrehf68sfe9943058ea”
serverPrimedAllowBrowserStorageValue
:
true
state
:
“cwdgdf51f-dwr4c-wrfc-4ssef-8c6dssgsgfe384”
__N_SSP
:
true

Hello.

Unfortunately I don’t have any advice or insight to provide. I just wanted to say I too am looking to build a private custom GPT which will integrate with my OneNote and Microsoft, so I’ll be watching this thread closely.

But I wanted to ask if ChatGPT itself could help you resolve this?

At least you can now use my schema to get to the same point as I am. Or maybe get further and tell me.

If I manage this, I’ll def be looping you in.

1 Like

Hello.

I was able to catch up to where you are in a way via an article on Linkedin by a Reuven Cohen. Unfortunately I cannot link the article.

However, I reached the same roadblock. I’m able to sign in, but I receive a missing access token alert. Still riddling it out. I’m now looking to see how people who have integrated things like Spotify, etc, got around this issue.

Hope all is well.

So i just tested the GPT and it seems to work correctly.

You can test the GPT here.
https://chat.openai.com/g/g-6QzJ0XxVC-ms-co-pilot

The instructions:

The JSON:

I’m going to create dedicated thread about this. I’ve been getting dozens are messages about this GPT how to.

2 Likes

Hey @NoNo , did you manage to figure it out?

I spent nearly a day troubleshooting with @ruv and still didn’t get it working for me. However, he and I were able to get it working for his GPT after he had invited me to his org for testing. So that is something.

One thing we learned was that there may be a need to make the registered Azure app a Verified Publisher because of some rules Microsoft implemented back in 2020 it seems. But even that is giving me trouble.

Still working on this as best I can but wanted to see if you’ve made any progress.

Hello @NoNo

I think I figured it out. I was able to successfully connect my Microsoft account and have the GPT retrieve my Microsoft profile details without getting a “Missing Access Token” message.

I also want to thank @ruv for his support the other day. We spent a few hours troubleshooting, and although we didn’t resolve it together, he helped me stay on path. Hopefully, this resolves your issue.

For me, the problem was that I was using the wrong value for the Client Secret in the Oauth authentication. I was using the Client Secret “Secret ID” value from my app in Azure instead of the Client Secret “Value” string.

Additionally, I used the following URLs both in the Oauth and in the JSON;

https://login.microsoftonline.com/common/oauth2/v2.0/authorize
https://login.microsoftonline.com/common/oauth2/v2.0/token

To verify that this was the fix for me, I reconfigured the GPT using the Azure app’s Client ID and the Client Secret “Secret ID”. I get the Missing Access Token message every time. When I switch it back to the Value string, it works again.

Keep in mind that each time you reenter or change these keys you must save and refresh to get the new callback URL to replace in your Azure app’s Redirect URI.

Also, not sure if this matters, I changed the Azure app’s “Supported account types” to “All Microsoft account users”. Previously, I had it set to “Personal Accounts Only”. If changing it does not work, just delete the app in Azure and create a new one with option for the most account types selected.

Also, also, I was able to complete this setup with Azure app’s created in both my personal Microsoft account’s Azure, and my business Microsoft’s account Azure, confirming that either or should work.

I used a very basic JSON for the test. Hopefully, it will continue to work as I need more scopes to it. This JSON was generated by ChatGPT.

{
  "openapi": "3.1.0",
  "info": {
    "title": "A.D.A GPT Microsoft Graph Integration",
    "version": "1.0.0",
    "description": "This specification outlines the integration of A.D.A GPT with the Microsoft Graph API to access and read the user's profile."
  },
  "servers": [
    {
      "url": "https://graph.microsoft.com/v1.0",
      "description": "Microsoft Graph API server"
    }
  ],
  "paths": {
    "/me": {
      "get": {
        "operationId": "getUserProfile",
        "summary": "Get User Profile",
        "description": "Retrieve the user's profile information from Microsoft Graph.",
        "responses": {
          "200": {
            "description": "Successful response with user profile data.",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/UserProfile"
                }
              }
            }
          },
          "401": {
            "description": "Unauthorized request due to invalid or missing authentication token."
          },
          "403": {
            "description": "Forbidden request due to insufficient permissions."
          }
        }
      }
    }
  },
  "components": {
    "securitySchemes": {
      "OAuth2": {
        "type": "oauth2",
        "flows": {
          "authorizationCode": {
            "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
            "tokenUrl": "https://login.microsoftonline.com/common/oauth2/v2.0/token",
            "scopes": {
              "User.Read": "Read user profile"
            }
          }
        }
      }
    },
    "schemas": {
      "UserProfile": {
        "type": "object",
        "properties": {
          "displayName": {
            "type": "string"
          },
          "mail": {
            "type": "string"
          },
        }
      }
    }
  },
  "security": [
    {
      "OAuth2": ["User.Read"]
    }
  ]
}

Hopefully this works for you like it did for me.

Hi @reginaldandreas ,

Thank you, I haven’t had time to look at it again, but I will try it soon and give you feedback.

Thanks!

1 Like