Access AD users OneDrive for Businesses through Mi

Published 2019-06-04 08:12

Question:

Is it possible to use the Microsoft Graph API to access a user's OneDrive for Business folders and files when running in app-mode?

I've successfully configured the app in Azure AD (with certificate, etc.), I've been able to get a bearer token and I've also successfully requested data from certain endpoints. However: I am not able to work with the user's OneDrive for Business folders or files.

In other cases I've been using a service account (a user account with full administrative privileges) to perform CRUD operations on folders and files in the users' OneDrives, but this requires me to check (and set) permissions on all folders and files before any CRUD operation and also exposes the service account to the users in file and folder permission settings. With the Graph API in app-mode I assume that all these issues go away?

I have some examples of what works, and more importantly, some that doesn't:

  • graph.microsoft.com/v1.0/users
    Returns a list of users without issues.

  • graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER
    Returns information about the specified user without issues.

  • graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/drive
    Returns information about the specified user's drive without issues.

  • graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/drive/root
    Returns information about the specified user's drive root without issues.

  • graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/drive/root/children
    Does not return information about the specified user's drive root children as expected.

  • graph.microsoft.com/v1.0/drives/UPN-PLACEHOLDER/root/children
    Does not return information about the specified user's drive root children as expected.

  • graph.microsoft.com/v1.0/drives/DRIVE-ID-PLACEHOLDER/root/children
    Does not return information about the specified user's drive root children as expected.

Other notes:

  • All these endpoints work as expected if I log in using a regular user account and the «/me» keyword or if I use a service account (with full administrative privileges) and UPNs to other user accounts, but in app-mode with UPNs all requests for information on a deeper level than root (i.e. root/children or specific folders) return empty.
  • We've tried working with both the SDK abstraction and pure HTTP requests without success.
  • We've tried a lot of different app privilege combinations and currently have ALL PERMISSIONS ON

Answer 1:

The reason you can't do this is that we don't yet expose any app-only permissions to access OneDrive files. This is something we are working on and hope to expose very soon. Please stay tuned to our blog posts where we'll let folks know when this capability is added.

Hope this helps,



Answer 2:

I am using AAD v2, registered the app in the Microsoft App registration portal. Once the admin gives consent to the app via the app consent URL that contains the tenant id and client id, the app can access all users' drives and files with App Mode permissions. So your scenario is possible now, just wanted to add that information since the accepted answer seems outdated.
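As an added example (not part of either answer), the following Python helpers build the Azure AD v2 admin-consent URL and client-credentials token request that Answer 2 relies on, and then inspect the resulting access token to confirm it actually carries application permissions for drives: app-only tokens list them in the `roles` claim, delegated tokens in `scp`, so a token missing a `Files.*` or `Sites.*` role is the first thing to check when `/users/{upn}/drive/root/children` comes back empty in app-mode. Tenant id, client id, secret and the sample token are constructed placeholders.

```python
"""Build the v2 admin-consent URL and client-credentials request, and check
which OneDrive permissions an obtained Graph access token really carries."""
import base64
import json
from urllib.parse import urlencode

GRAPH_SCOPE = "https://graph.microsoft.com/.default"


def admin_consent_url(tenant_id, client_id, redirect_uri):
    """Tenant-wide admin consent endpoint (Azure AD v2); ids are placeholders."""
    query = urlencode({"client_id": client_id, "redirect_uri": redirect_uri})
    return f"https://login.microsoftonline.com/{tenant_id}/adminconsent?{query}"


def client_credentials_request(tenant_id, client_id, client_secret):
    """Token endpoint and form body for the app-only (client credentials) grant;
    the .default scope requests every application permission an admin consented to."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    body = {"client_id": client_id, "client_secret": client_secret,
            "grant_type": "client_credentials", "scope": GRAPH_SCOPE}
    return url, body


def decode_jwt_payload(token):
    """Read a JWT's claims without verifying it: fine for inspecting a token
    you obtained yourself, never for making trust decisions."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def drive_permissions(token):
    """App-only tokens carry application permissions in 'roles'; delegated
    tokens carry scopes in 'scp'. Returns the token kind and only the
    Files.*/Sites.* entries, which are what the drive endpoints need."""
    claims = decode_jwt_payload(token)
    if "roles" in claims:
        kind, perms = "application", claims["roles"]
    else:
        kind, perms = "delegated", claims.get("scp", "").split()
    return kind, [p for p in perms if p.startswith(("Files.", "Sites."))]


def unsigned_token(claims):
    """Constructed sample token (header.payload. with no signature) for offline use."""
    def enc(d):
        return base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."
```

Run `drive_permissions` on the real token returned by the token endpoint; if the result is `("application", [])`, admin consent for a drive-related application permission has not been granted, whatever the portal checkboxes show.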