Microsoft Graph API delta uses - microsoft-graph-api

How can I retrieve the list of delta users using Microsoft Graph API for which his/her group or event data is changed? Users delta api gives the list of users for which their contact related information is changed but not when his/her skills/events/groups data is changed e.g. if few users add a new skill then in incremental mode which api I can use to get these delta users details?

You cannot get notifications about skills. If you try to call Graph API delta endpoint for users
GET https://graph.microsoft.com/v1.0/users/delta?$select=skills
It will return the error message
Invalid request for delta query: for this entity set, $expand/$select
is not supported for the following properties: skills
For events, Graph API supports only notifications for specific user, not for all users.
GET /me/calendarView/delta?startDateTime={start_datetime}&endDateTime={end_datetime}
GET /users/{id}/calendarView/delta?startDateTime={start_datetime}&endDateTime={end_datetime}
For groups, you can call the following endpoint
GET https://graph.microsoft.com/v1.0/groups/delta
The response contains the members#delta property which includes the ids of member objects in the group. If the #odata.type is #microsoft.graph.user then id is the identifier of the user.
"members#delta": [
{
"#odata.type": "#microsoft.graph.user",
"id": "693acd06-2877-4339-8ade-b704261fe7a0"
},
{
"#odata.type": "#microsoft.graph.user",
"id": "49320844-be99-4164-8167-87ff5d047ace"
}
]
Resources:
event: delta
group: delta
user: delta

Related

Using RSC To Access Chat Messages with Microsoft Graph

I am building a Teams chat-bot that looks at the history of messages in the current chat/channel whilst in conversation with the user.
My bot has been granted all the RSC (Resource-Specific Content) Permissions it needs (see image below)
Here is the relevant parts of the manifest:
{
"$schema": "https://developer.microsoft.com/en-us/json-schemas/teams/v1.11/MicrosoftTeams.schema.json",
"version": "1.0.0",
"manifestVersion": "1.11",
"id": "bd33f8b1-b593-433c-926e-44a27c1bd94a",
...
"permissions": [
"identity",
"messageTeamMembers"
],
...
"bots": [
{
"botId": "e6d93739-a8ab-412d-a4f6-b6f514a3451a",
"scopes": [
"team",
"personal",
"groupchat"
],
"isNotificationOnly": false,
"supportsFiles": true
}
],
"validDomains": [],
"webApplicationInfo": {
"id": "e6d93739-a8ab-412d-a4f6-b6f514a3451a",
"resource": "https://RscBasedStoreApp",
"applicationPermissions": [
"TeamSettings.Read.Group",
"ChannelMessage.Read.Group",
"TeamSettings.Edit.Group",
"ChannelSettings.ReadWrite.Group",
"Channel.Create.Group",
"Channel.Delete.Group",
"TeamsApp.Read.Group",
"TeamsTab.Read.Group",
"TeamsTab.Create.Group",
"TeamsTab.ReadWrite.Group",
"TeamsTab.Delete.Group",
"Member.Read.Group",
"Owner.Read.Group",
"ChatSettings.Read.Chat",
"ChatSettings.ReadWrite.Chat",
"ChatMessage.Read.Chat",
"ChatMember.Read.Chat",
"Chat.Manage.Chat",
"TeamsTab.Read.Chat",
"TeamsTab.Create.Chat",
"TeamsTab.Delete.Chat",
"TeamsTab.ReadWrite.Chat",
"TeamsAppInstallation.Read.Chat",
"OnlineMeeting.ReadBasic.Chat",
"Calls.AccessMedia.Chat",
"Calls.JoinGroupCalls.Chat",
"TeamsActivity.Send.Chat"
]
}
}
Note: the bot has permission to read messages in chats and channels. Specifically, my problem affects chats and not channels (which I can get messages from fine).
In order to do this, I get a JWT token for the bot account, accessing the Graph API like so:
GraphServiceClient<?> gsc = GraphServiceClient.builder()
.authenticationProvider(u -> mac.getToken())
.buildClient();
Next, I am using the Graph API to pull back these messages. For messages in channels I can do:
gsc.teams("some group id")
.channels("team id")
.messages()
.buildRequest(Collections.emptyList()).get()));
This works fine.
For chats, I am doing something like:
gsc.chats("29:13qY8hmfkJinH9-v7rYKjCNFHYFJXKbjqR-NyzyKzL694npelHJoq5HrVtqJLRYo79OYeHGQq-bhtJM5N-yKXyQ")
.messages()
.buildRequest().get()));
However, this time I get an error from the Graph API:
[Some information was truncated for brevity, enable debug logging for
more details] com.microsoft.graph.http.GraphServiceException: Error
code: Forbidden Error message: Invoked API requires Protected API
access in application-only context when not using Resource Specific
Consent. Visit
https://learn.microsoft.com/en-us/graph/teams-protected-apis for more
details.
GET
https://graph.microsoft.com/v1.0/chats/29:13qY8hmfkJinH9-v7rYKjCNFHYFJXKbjqR-NyzyKzL694npelHJoq5HrVtqJLRYo79OYeHGQq-bhtJM5N-yKXyQ/messages
SdkVersion : graph-java/v5.6.0
I am at a loss to explain why querying channels works fine but querying chats fails.
Any help gratefully appreciated!
This is a protected API and in order to use it you will first need to make a formal request to Microsoft Graph, asking for permissions to use the API without any user interaction
Here is the list of protected APIs. You need to fill this form to get the required permissions.
To request access to these protected APIs, complete the following
request form. We review access requests every Wednesday and deploy
approvals every Friday, except during major holiday weeks in the U.S.
Submissions during those weeks will be processed the following
non-holiday week.
The other option would be to use delegated flow.

Microsoft Graph translateExchangeIds not returning the same id as EWS

I am working with both EWS and the Graph API.
I would like to create events (online meetings with skype/teams) in an calendar that is already available via EWS.
To match the calendar to the one available via Graph API i try to use https://learn.microsoft.com/en-us/graph/api/user-translateexchangeids
The calendar i created has this id when returned by the FindFolder call:
<t:FolderId Id="AAMkAGNiY2YxMjY3LTUxYjgtNGI1Yy1hOTM2LTU4MTM5OTZiNjdjYgAuAAAAAABW2gY0kRG1SqggDTNZN6i8AQAPJkKZ1XJkQ6huFmcVa6XaAAGixNZ3AAA=" ChangeKey="..."/>
<t:DisplayName>Test</t:DisplayName>
I create a request to the graph api:
{
"inputIds": [
"AAMkAGNiY2YxMjY3LTUxYjgtNGI1Yy1hOTM2LTU4MTM5OTZiNjdjYgAuAAAAAABW2gY0kRG1SqggDTNZN6i8AQAPJkKZ1XJkQ6huFmcVa6XaAAGixNZ3AAA="
],
"sourceIdType": "ewsId",
"targetIdType": "restId"}
and get the result
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(microsoft.graph.convertIdResult)",
"value": [
{
"sourceId": "AAMkAGNiY2YxMjY3LTUxYjgtNGI1Yy1hOTM2LTU4MTM5OTZiNjdjYgAuAAAAAABW2gY0kRG1SqggDTNZN6i8AQAPJkKZ1XJkQ6huFmcVa6XaAAGixNZ3AAA=",
"targetId": "AAMkAGNiY2YxMjY3LTUxYjgtNGI1Yy1hOTM2LTU4MTM5OTZiNjdjYgAuAAAAAABW2gY0kRG1SqggDTNZN6i8AQAPJkKZ1XJkQ6huFmcVa6XaAAGixNZ3AAA="
}
]
}
However, if i call https://graph.microsoft.com/v1.0/me/calendars i get a different id
"id": "AAMkAGNiY2YxMjY3LTUxYjgtNGI1Yy1hOTM2LTU4MTM5OTZiNjdjYgBGAAAAAABW2gY0kRG1SqggDTNZN6i8BwBIq5JjIBY-RqWQllrF0GSkAAAAB353AAAPJkKZ1XJkQ6huFmcVa6XaAAGixNowAAA=",
"name": "Test",
Is there a way to match the (ews) calendar i already have to the one returned by the Graph API?
This is a shot in the dark, because I've never dug this deeply into the weeds on the Graph Ids, but you might try calling Graph with the header that selects "immutable ids." I tried to find some details on what this actually means without much luck.
The header is:
request.Header("Prefer", "IdType=\"ImmutableId\"");
HTH, and if not, sorry for guessing.

ErrorItemNotFound when trying to retrieve room calendar via MS Graph API

Next to retrieving calendar views of a user's calendar (on behalf of the user), we are trying hard to also get the calendar view of rooms via the Graph API using
https://graph.microsoft.com/beta/users/room1#ourdomain.com/calendarView. It's a painful process since we've been running into many problems and are currently stuck with the following 404 response:
https://graph.microsoft.com:443/v1.0/users/room1#ourdomain.com/calendarView?startDateTime=2018-12-04T23:00:00.000Z&endDateTime=2019-02-10T22:59:59.999Z
{
"error": {
"code": "ErrorItemNotFound",
"message": "The specified object was not found in the store.",
"innerError": {
"request-id": "358a003a-57a4-4f0e-91da-edc17c1fa2d8",
"date": "2018-12-12T07:38:33"
}
}
}
The email address of the room has been double checked and the resource exists, since we can create appointments with it and it is even being returned in the response when we retrieve the calendar of the user who has an appointment in that location.
App permissions and OAuth2 scopes are set to: openid email profile offline_access https://graph.microsoft.com/Calendars.Read https://graph.microsoft.com/Calendars.Read.Shared https://graph.microsoft.com/User.Read
https://graph.microsoft.com/User.ReadBasic.All https://graph.microsoft.com/User.Read.All, so that should not be an issue, judging by the documentation.
Does anyone know how to solve this?
I've tried all possible ways, but there is no way to get access.
This is what I've tried out the following in the Graph explorer:
https://graph.microsoft.com/v1.0/users/meetingroom1#domain.com/events -> DelegatedCalendarAccessDenied
https://graph.microsoft.com/v1.0/users/meetingroom1#domain.com/calendarView?startDateTime=2019-01-14&endDateTime=2019-01-18 -> ErrorItemNotFound
https://graph.microsoft.com/v1.0/users/meetingroom1#domain.com/calendar/calendarView?startDateTime=2019-01-14&endDateTime=2019-01-18 -> ErrorItemNotFound
All three on both the v1.0 and the beta.
It isn't an issue with rights, because for my testing I granted the Graph Explorer the Directory.ReadWrite.All scope. Resulting in the following scp claim.
The first requests seems the most promising (because of the different error), I also made myself a delegate with full control of the rooms-mailbox. That still didn't help.
A request to https://graph.microsoft.com/v1.0/users/meetingroom1#domain.com gives a result, as in a result describing the meetingroom.
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
"businessPhones": [],
"displayName": "Meeting room 1",
"givenName": null,
"jobTitle": null,
"mail": "meetingroom1#domain.com",
"mobilePhone": null,
"officeLocation": null,
"preferredLanguage": null,
"surname": null,
"userPrincipalName": "meetingroom1#domain.com",
"id": "3e0a7b7e-xxxx-xxxx-xxxx-xxxxcxxxx120"
}
After doing all these tests, I can only conclude that you cannot access the events in a rooms mailbox. This is either intended (as in only use the scheduling assistant) or a bug.
Maybe some of the Microsoft guys around here could clarify this?
FINALLY! After going through this with countless Microsoft support people, each of whom said this was not their territory and did not know where to forward the question, I got in touch with somebody from the Exchange team. He suggested the one thing that worked for us: the user on behalf of which you are retrieving the room resource calendar needs to be a delegate of that room resource!
In addition, to retrieve the list of room resources which the user can select from, we needed to use the findRooms endpoint but this only works on the beta API. The only drawback of this is that you cannot seem to filter for rooms of which the user is a delegate. So the user will get a list of rooms for which he might or might not be able to retrieve the calendar.
A final drawback of the room resource calendarView response is that the response does not contain the names of the meetings planned in the rooms. The description of each event only contains the name of the meeting organizer.

Fetch events from shared calendar with Office 365 REST API

Loading shared calendar from a user works so far.
However, as soon as you want to load the events, we get the following error message:
ErrorAccessDenied
Access is denied. Check credentials and try again.
The URL looks like this:
https://outlook.office.com/api/v2.0/users/{userName}/calendars/{sharedCalendarId}/calendarView
Query:
{
"query": {
"$select": "Subject,Location,Start,End,IsAllDay,BodyPreview,Extensions",
"$expand": "Extensions($filter=Id eq \"Microsoft.OutlookServices.OpenTypeExtension.custom.string.here\")",
"startDateTime": "2018-07-09T22:00:00.000Z",
"endDateTime": "2018-11-09T23:00:00.000Z"
},
"headers": {
"Prefer": [
"odata.track-changes",
"odata.maxpagesize=200"
]
}
}
The following scopes were set:
"openid",
"profiles",
"offline_access", // for refresh token
"https://outlook.office.com/calendars.readwrite",
"https://outlook.office.com/calendars.read.shared",
"https://outlook.office.com/calendars.readwrite.shared"
The Outlook REST API requests are always performed on behalf of the current user (authenticated user). That's why the endpoint /me/calendars works but users/{userId}/calendars does not. You can not get access to another user's calendar using this API. More information is provided here.
To access the other user's calendar you should switch to Microsoft Graph API. Then you could use the following endpoints:
Using https://graph.microsoft.com/v1.0/
GET /me/calendar/calendarView
GET /users/{id | userPrincipalName}/calendar/calendarView
GET /groups/{id}/calendar/calendarView
Remember to specify permissions for accessing user's calendars.

Get multiple mobile phone numbers via microsoft graph api from outlook.com contact

Im trying to read all contact data from my outlook.com account into my app via
https://graph.microsoft.com/beta/me/contacts?$top=10000
At first glance, this seems to work well, but later I noticed this:
For contacts with multiple mobile phone numbers, Microsoft only sends the first mobile phone number.
In v1.0 api version of graph, there is simply no field for a second mobile phone number, but in beta api each contact has the property phones, which is a collection of objects of phone resource type. Therefore it should be possible to get multiple mobile phone numbers.
Is this a bug in the API or am I doing something wrong? Is there a different API, that provides all contact data?
EDIT:
As requested per comment: I really mean multiple mobile phone numbers:
It looks like multiple mobile phone numbers isn't supported by Graph. In v1.0 API, each contact has a mobilePhone string property (not an array). In beta Graph API, when you try adding multiple mobile phone numbers to a contact you get the following error:
PATCH https://graph.microsoft.com/beta/me/contacts/{contact-id}
{
"phones": [
{ "number": "1234567891", type: "home"},
{ "number": "9876543210", type: "mobile"},
{ "number": "4564564562", type: "mobile"}, // second mobile number
]
}
// Response
{
"error": {
"code": "ErrorInvalidProperty",
"message": "The multi-value property Phones has too many entries of the following type: of type: contacts:PhoneNumber:MobilePhone. The maximum number allowed is 1.",
"innerError": {
"request-id": "578d85ba-e467-47a4-8cc1-5671fde4a83f",
"date": "2017-12-29T20:07:46"
}
}
}
However, you can get all phone numbers for all contacts in one call when contacts have different types of numbers - home, mobile, etc. I just tested this with an outlook.com account and here are the API calls to set multiple phone numbers on a contact and get them all in one API call.
I found a random contact to test with, copied their ID and made a PATCH request to https://graph.microsoft.com/beta/me/contacts/[contact-id].
Patch body:
{
"phones": [
{ "number": "1234567891", type: "home"},
{ "number": "9876543210", type: "mobile"},
]
}
To confirm the phones were in fact updated, I sent a request to GET https://graph.microsoft.com/beta/me/contacts/[contact-id]/phones and the two phone numbers were returned in the JSON response.
Sending this same request to the v1.0 endpoint won't work since there isn't a phones property on a contact. However, you can still get this data in v1.0 since it's just split across multiple fields.
It looks like sending a request to GET https://graph.microsoft.com/beta/me/contacts?$select=phones returns phones for all users.
The beta API is subject to change so we don't recommend building production applications that depend on the this endpoint. Please keep an eye on the public changelog for when this will move to v1.0.
If you would like to see support for multiple mobile phones in Graph API, please post on our UserVoice.

Resources