"Missing access_token" Need Help with Custom GPT Project Integrated with Microsoft Graph API

NoNo · December 7, 2023, 5:56pm

Hello everyone,

I’m currently working on a project where I’m trying to create a custom GPT model with specific actions and have it connected to OneDrive and Microsoft To Do List via the Microsoft Graph API. The idea is to leverage the AI capabilities of GPT for enhanced task management and data handling in these Microsoft applications.

So far, I’ve made some progress:

Authentication: I’ve set up the authentication process, and I can successfully log in.
Permissions: After logging in, the necessary permissions are requested and, upon acceptance, it redirects to my GPT application.

Issue Encountered: However, I’ve hit a roadblock. After the redirection to the GPT interface, I encounter an error message stating “Missing access_token”. This is where I’m stuck and I’m not sure how to proceed.

What I’ve Tried:

I’ve double-checked the authentication flow to ensure that the permissions and redirection are correctly configured.
I’ve also looked into the documentation to see if I missed any steps regarding token acquisition.

What I Need Help With:

Understanding why the “access_token” is missing despite a seemingly successful login and permission acceptance.
Guidance on how to correctly retrieve and handle the access_token in this context.
Any insights or suggestions on best practices when integrating a custom GPT model with Microsoft Graph API.

I would greatly appreciate any advice, insights, or resources you could share. If anyone has experience with similar integrations or has faced and resolved this type of issue, your guidance would be invaluable.

Thank you in advance for your time and help!

Best regards

NoNo · December 8, 2023, 12:31pm

here is my openAPI Schema:

{
“openapi”: “3.1.0”,
“info”: {
“title”: “Microsoft To Do API”,
“description”: “API for managing Microsoft To Do lists and tasks.”,
“version”: “v1.0”
},
“servers”: [
{
“url”: “https://graph.microsoft.com/v1.0”
}
],
“paths”: {
“/me/todo/lists”: {
“get”: {
“description”: “Get all the todoTaskList in the user’s mailbox”,
“operationId”: “listTodoTaskLists”,
“responses”: {
“200”: {
“description”: “A collection of todoTaskList objects”
}
}
}
},
“/me/todo/lists/{todoTaskListId}/tasks”: {
“get”: {
“description”: “Get all the todoTask resources in the specified list”,
“operationId”: “listTasksInTodoTaskList”,
“responses”: {
“200”: {
“description”: “A collection of todoTask objects”
}
}
}
},
“/me/todo/lists/{todoTaskListId}/tasks/{todoTaskId}/checklistItems”: {
“get”: {
“description”: “Get a list of the checklistItem objects and their properties”,
“operationId”: “listChecklistItems”,
“responses”: {
“200”: {
“description”: “A collection of checklistItem objects”
}
}
}
},
“/me/todo/lists/{todoTaskListId}/tasks/{todoTaskId}/linkedresources”: {
“get”: {
“description”: “Get the linkedResources from the linkedResources navigation property”,
“operationId”: “listLinkedResources”,
“responses”: {
“200”: {
“description”: “A collection of linkedResource objects”
}
}
}
}
},
“components”: {
“schemas”: {
“todoTaskList”: {
“type”: “object”,
“properties”: {
“id”: {
“type”: “string”
},
“displayName”: {
“type”: “string”
},
“isOwner”: {
“type”: “boolean”
},
“isShared”: {
“type”: “boolean”
},
“wellknownListName”: {
“type”: “string”
}
}
},
“todoTask”: {
“type”: “object”,
“properties”: {
“id”: {
“type”: “string”
},
“title”: {
“type”: “string”
},
“status”: {
“type”: “string”
}
}
},
“checklistItem”: {
“type”: “object”,
“properties”: {
“id”: {
“type”: “string”
},
“displayName”: {
“type”: “string”
},
“isChecked”: {
“type”: “boolean”
}
}
},
“linkedResource”: {
“type”: “object”,
“properties”: {
“id”: {
“type”: “string”
},
“applicationName”: {
“type”: “string”
},
“displayName”: {
“type”: “string”
},
“externalId”: {
“type”: “string”
},
“webUrl”: {
“type”: “string”
}
}
},
“securitySchemes”: {
“OAuth2”: {
“type”: “oauth2”,
“flows”: {
“authorizationCode”: {
“authorizationUrl”: “Sign in to your account”,
“tokenUrl”: “Sign in to your account”,
“scopes”: {
“Tasks.Read”: “Read user tasks”,
“Tasks.ReadWrite”: “Read and write user tasks”,
“Tasks.Read.Shared”: “Read shared tasks”,
“Tasks.ReadWrite.Shared”: “Read and write shared tasks”
}
}
}
}
}
}
},
“security”: [
{
“OAuth2”: [
“Tasks.Read”,
“Tasks.ReadWrite”,
“Tasks.Read.Shared”,
“Tasks.ReadWrite.Shared”
]
}
]
}

NoNo · December 8, 2023, 12:35pm

THis is the error extractet from network tracing(changed the ids):

{success: false, error: “Missing access_token”,…}
error
:
“Missing access_token”
message
:
“Missing access_token”
redirect_path
:
“/g/g-rPrgdsfq-to-task/c/gsgs-148sfsdfdsdsf-bd2e-acacfvsgv4w4t4”
success
:
false

{pageProps: {pluginId: “g-ec5d4agasdfsd58a6afasfasf3058ea”,…}, __N_SSP: true}
pageProps
:
{pluginId: “g-ec5d4rhtrthft43058ea”,…}
code
:
“M.C107_SN1.2dhdg1-1b15-wrgr9-4sfsdf9-71592sfsd02”
pluginId
:
“g-ec5d4f368fhtrehf68sfe9943058ea”
serverPrimedAllowBrowserStorageValue
:
true
state
:
“cwdgdf51f-dwr4c-wrfc-4ssef-8c6dssgsgfe384”
__N_SSP
:
true

reginaldandreas · December 8, 2023, 6:23pm

Hello.

Unfortunately I don’t have any advice or insight to provide. I just wanted to say I too am looking to build a private custom GPT which will integrate with my OneNote and Microsoft, so I’ll be watching this thread closely.

But I wanted to ask if ChatGPT itself could help you resolve this?

NoNo · December 8, 2023, 7:04pm

At least you can now use my schema to get to the same point as I am. Or maybe get further and tell me.

reginaldandreas · December 8, 2023, 7:15pm

If I manage this, I’ll def be looping you in.

reginaldandreas · December 10, 2023, 12:47am

Hello.

I was able to catch up to where you are in a way via an article on Linkedin by a Reuven Cohen. Unfortunately I cannot link the article.

However, I reached the same roadblock. I’m able to sign in, but I receive a missing access token alert. Still riddling it out. I’m now looking to see how people who have integrated things like Spotify, etc, got around this issue.

Hope all is well.

ruv · December 11, 2023, 3:36pm

So i just tested the GPT and it seems to work correctly.

You can test the GPT here.
https://chat.openai.com/g/g-6QzJ0XxVC-ms-co-pilot

The instructions:

github.com

ruvnet/gpts/blob/main/instructions/MS Co-Pilot.txt

MS Co-Pilot is tailored to provide easy-to-understand guidance for configuring and using the Microsoft Graph API, along with OAuth and third-party APIs. It focuses on simplifying technical concepts, making them accessible to a wide range of users, from beginners to experienced developers. The assistant explains the steps to configure OAuth for accessing the Microsoft Graph API, highlights the opportunities and benefits of using Microsoft Graph in various applications, and offers insights into integrating third-party APIs. It ensures users comprehend the importance of security and proper handling of credentials and permissions while working with APIs. Although it can't perform real-time operations or directly interact with external APIs, it's proficient in simulating scenarios, formulating requests, and interpreting responses, making it a valuable educational resource.

The JSON:

github.com

ruvnet/gpts/blob/main/openapi-json/ms-graph.json

{
  "openapi": "3.0.0",
  "info": {
    "title": "Calendar and Email API",
    "version": "1.0.0"
  },
  "paths": {
    "/calendars": {
      "get": {
        "summary": "Get all calendars",
        "responses": {
          "200": {
            "description": "Array of calendar",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/calendar"
                }
              }
            }

This file has been truncated. show original

I’m going to create dedicated thread about this. I’ve been getting dozens are messages about this GPT how to.

reginaldandreas · December 15, 2023, 3:45am

Hey @NoNo , did you manage to figure it out?

I spent nearly a day troubleshooting with @ruv and still didn’t get it working for me. However, he and I were able to get it working for his GPT after he had invited me to his org for testing. So that is something.

One thing we learned was that there may be a need to make the registered Azure app a Verified Publisher because of some rules Microsoft implemented back in 2020 it seems. But even that is giving me trouble.

Still working on this as best I can but wanted to see if you’ve made any progress.

reginaldandreas · December 16, 2023, 3:41am

Hello @NoNo

I think I figured it out. I was able to successfully connect my Microsoft account and have the GPT retrieve my Microsoft profile details without getting a “Missing Access Token” message.

I also want to thank @ruv for his support the other day. We spent a few hours troubleshooting, and although we didn’t resolve it together, he helped me stay on path. Hopefully, this resolves your issue.

For me, the problem was that I was using the wrong value for the Client Secret in the Oauth authentication. I was using the Client Secret “Secret ID” value from my app in Azure instead of the Client Secret “Value” string.

Additionally, I used the following URLs both in the Oauth and in the JSON;

https://login.microsoftonline.com/common/oauth2/v2.0/authorize
https://login.microsoftonline.com/common/oauth2/v2.0/token

To verify that this was the fix for me, I reconfigured the GPT using the Azure app’s Client ID and the Client Secret “Secret ID”. I get the Missing Access Token message every time. When I switch it back to the Value string, it works again.

Keep in mind that each time you reenter or change these keys you must save and refresh to get the new callback URL to replace in your Azure app’s Redirect URI.

Also, not sure if this matters, I changed the Azure app’s “Supported account types” to “All Microsoft account users”. Previously, I had it set to “Personal Accounts Only”. If changing it does not work, just delete the app in Azure and create a new one with option for the most account types selected.

Also, also, I was able to complete this setup with Azure app’s created in both my personal Microsoft account’s Azure, and my business Microsoft’s account Azure, confirming that either or should work.

I used a very basic JSON for the test. Hopefully, it will continue to work as I need more scopes to it. This JSON was generated by ChatGPT.

{
  "openapi": "3.1.0",
  "info": {
    "title": "A.D.A GPT Microsoft Graph Integration",
    "version": "1.0.0",
    "description": "This specification outlines the integration of A.D.A GPT with the Microsoft Graph API to access and read the user's profile."
  },
  "servers": [
    {
      "url": "https://graph.microsoft.com/v1.0",
      "description": "Microsoft Graph API server"
    }
  ],
  "paths": {
    "/me": {
      "get": {
        "operationId": "getUserProfile",
        "summary": "Get User Profile",
        "description": "Retrieve the user's profile information from Microsoft Graph.",
        "responses": {
          "200": {
            "description": "Successful response with user profile data.",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/UserProfile"
                }
              }
            }
          },
          "401": {
            "description": "Unauthorized request due to invalid or missing authentication token."
          },
          "403": {
            "description": "Forbidden request due to insufficient permissions."
          }
        }
      }
    }
  },
  "components": {
    "securitySchemes": {
      "OAuth2": {
        "type": "oauth2",
        "flows": {
          "authorizationCode": {
            "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
            "tokenUrl": "https://login.microsoftonline.com/common/oauth2/v2.0/token",
            "scopes": {
              "User.Read": "Read user profile"
            }
          }
        }
      }
    },
    "schemas": {
      "UserProfile": {
        "type": "object",
        "properties": {
          "displayName": {
            "type": "string"
          },
          "mail": {
            "type": "string"
          },
        }
      }
    }
  },
  "security": [
    {
      "OAuth2": ["User.Read"]
    }
  ]
}

Hopefully this works for you like it did for me.

NoNo · January 11, 2024, 9:47am

Hi @reginaldandreas ,

Thank you, I haven’t had time to look at it again, but I will try it soon and give you feedback.

Thanks!

NoNo · April 3, 2024, 2:12pm

Does it still work, i tried to fix it today, but if i try to login just a new chat opens…

i get Couldn’t log in with plugin

sometimes this error shows up:

Missing access token, received 400 from https://login.microsoftonline.com/common/oauth2/v2.0/token: response_data={‘error’: ‘invalid_request’, ‘error_description’: “AADSTS90023: Public clients can’t send a client secret. Trace ID: 85555ebd-7d16-43f4-a5c0-33c65db6c202 Correlation ID: 716aded7-b054-446a-bf5e-8d54d3f21808 Timestamp: 2024-04-03 15:13:52Z”, ‘error_codes’: [90023], ‘timestamp’: ‘2024-04-03 15:13:52Z’, ‘trace_id’: ‘85555ebd-7d16-43f4-a5c0-33c65db6c202’, ‘correlation_id’: ‘716aded7-b054-446a-bf5e-8d54d3f21808’}

NoNo · April 3, 2024, 5:34pm

okay i found my error i should have used web and not deskopt and mobile in azure

reginaldandreas · May 31, 2024, 5:55pm

Hello. Sorry for the delayed response. I postponed my work on this project and ended up moving on.

I may revisit. Thanks for the update.

Topic		Replies	Views
Microsoft Graph API error: The request does not contain a valid authentication token Plugins / Actions builders gpt-4 , chatgpt , api	8	4080	June 8, 2024
"Error saving draft" when creating an authenticated action in a GPT Plugins / Actions builders gpt	62	5474	June 26, 2024
Issue with GPT Actions not triggering external API calls Plugins / Actions builders chatgpt , plugin-development , chatgpt-plugin	28	7000	December 20, 2023
Issues with API actions on Custom GPTs since last week Plugins / Actions builders api , actions	33	3563	February 2, 2024
Error in OAuth handling in Custom GPT GPT builders oauth	9	1409	March 7, 2024

"Missing access_token" Need Help with Custom GPT Project Integrated with Microsoft Graph API

Related topics