While integrating onlinemeeting schedule api using microsoft graph
schedule api https://graph.microsoft.com/v1.0/me/onlineMeetings
Used to call api using token generated from https://login.microsoftonline.com/tenant id/oauth2/v2.0/token
Getting below response but its working fine in https://developer.microsoft.com/en-us/graph/graph-explorer
{
"error": {
"code": "Forbidden",
"message": "",
"innerError": {
"request-id": "b0a472d0-1658-480b-b41f-855bbe87b705",
"date": "2021-05-12T18:55:15",
"client-request-id": "b0a472d0-1658-480b-b41f-855bbe87b705"
}
}
}
As already stated, you’ll need to have the global admin execute some powershell to activate your application to allow to create online meetings for all/some users.
I’m just wondering what your use case is, for creating just the online meeting without a calendar event?
You can just do the same by creating an event in the users’ calendar and setting that you want an online meeting attached. That way only needs access to the users calendar and doesn’t need some special policy. Additionally the item with join button is right there in the users calendar.
Related
We have created a WP that we have published to Teams that would give owners the possibility to modify the external sharing setting ("AllowToAddGuests") from a tab in their Teams.
We are experiencing a problem when we try to do the set of AllowToAddGuests using an owner account.
The Teams app has :
{
"resource": "Microsoft Graph",
"scope": "Directory.ReadWrite.All"
}
As per MS Graph docs
https://learn.microsoft.com/en-us/graph/api/directorysetting-update?view=graph-rest-beta&tabs=http
should work fine with delegated.
If I execute the graph call in the graph explorer using the owner user it gives the same access error.
All permissions are granted at admin level.
If a global admin is used, then all works fine.
The error I am receiving is the following:
{
"error": {
"code": "Authorization_RequestDenied",
"message": "Insufficient privileges to complete the operation.",
"innerError": {
"date": "2020-07-02T15:18:56",
"request-id": "84fe9be9-a4b0-4023-93e6-68dd780ce2ea"
}
}
}
Has the owner the possibility to change the flag AllowToAddGuests or should I do this via an App reg?
Thanks for the answers.
Alex
I am posting this here so that if anybody looks for the same information, they have it here.
At the time of this writing, the answer we got from Microsoft is that for this call to work, the user performing the call (in our case one of the owners) needs to also be a Group Administrator. For our use case this was not doable as any user in the company can potentially be an owner of a MS Teams.
The solution we have chosen is to use application permission with Directory.ReadWrite.All to perform the call. This works as expected now.
Microsoft has also promised they will update the documentation in order to include the current information.
I am invoking Micosoft graph API's to integrate its functionality in my custom application.
When I go to invoke API to delete conversation using group id and conversation ID, I get below response . I am looking at API as mentioned in official Graph API docs. Any idea what is wrong ? I have Group.ReadWriteAll permission for User
{
"error": {
"code": "ErrorInvalidOperation",
"message": "ConversationId isn't supported in the context of this operation.",
"innerError": {
"request-id": "d90689bb-6a3d-4e51-b538-58ecaafaa626",
"date": "2020-05-04T11:02:27"
}
}
}
Conjecture since I don't have enough information:
Currently, DELETE conversation is only supported for delegated access for organizational or school accounts. You cannot use DELETE conversation for application access (when there is not interactive login). You also can't use it with delegated access for personal accounts (outlook.com).
Please provide a sanitized URL and request body as that will make it easier to answer this question.
I'm attempting to get tasks assigned to a specific user from the Graph API, so based off of the sample query in the graph explorer i'm using this endpoint
https://graph.microsoft.com/v1.0/users/<user-email>/planner/tasks
Which works fine for whatever user I'm signed in as, but attempting to get tasks for a user I'm not signed in as will always return with a 403 and say I don't have the required permissions. Group.ReadWrite.All is granted by admin, and according to the graph docs, that should be fine, but no luck.
I've also just created a new demo tenant and one by one granted permissions in the graph explorer with admin and still no luck! So i'm doubting the issue really is permissions. And for the record I've tried v1.0 and beta endpoints, and I've attempted this in a SPFx Web Part, and it doesn't work in practice either.
Not sure that it will help, but this is what is being returned each time:
{
"error": {
"code": "",
"message": "You do not have the required permissions to access this item.",
"innerError": {
"request-id": "b02e3529-a4ae-4825-b4e6-7fc9b1fa228e",
"date": "2019-03-27T12:28:41"
}
}
}
Anyone else ran into this issue or know of a workaround?
Reading tasks for other people is not allowed. We are investigating app-only request support, which should enable this scenario.
I've created a web app with Microsoft Graph API and it has been completed/tested and everything is working as expected. This web app is aimed to create calendar events for our Office 365 users. Right now there are a total of 9 users that calendar events are created for and two of them are having issues.
This is the specific response I get from Microsoft Graph API if I'm creating a calendar event for a user that is having issues:
Message:
{
"error": {
"code": "ResourceNotFound",
"message": "Resource could not be discovered.",
"innerError": {
"request-id": "4d6efba0-fce2-4abe-9f60-be3df8b55d6f",
"date": "2018-08-29T15:26:58"
}
}
}
I know that everything I'm doing is correct as the other seven users have no issues so the issue must be with the office 365 account its self. I've looked into account settings/permissions and everything I've checked is identical to a user that is working.
One of the biggest issues I'm facing with this problem is I don't understand the error its self. When it says "ResourceNotFound" my guess is that it's saying that it can't find the user account even though it does exist.
My question is what should be the next steps be in order to find a resolution? Should I see if I can recreate the mailboxes and transfer the email from the broken account to a new account? Or should I continue to try to find the root problem?
I'm using the Graph Explorer on developer.microsoft.com to query shared calendars.
Example:
https://graph.microsoft.com/v1.0/users/user#my.com/calendarview?startdatetime=2018-04-19T19:25:06.250Z&enddatetime=2018-04-26T19:25:06.250Z
This works fine on calendars where I have Reviewer or Full Details access. Calendars where I have Free/Busy, subject, location, I get a 404 and response like this:
{
"error": {
"code": "ErrorItemNotFound",
"message": "The specified object was not found in the store.",
"innerError": {
"request-id": "9f9e950f-038e-4411-b813-10a76d4b94fa",
"date": "2018-04-19T19:42:48"
}
}
}
I can open the same calendar with my Outlook client no problem.
My question is, are all of the different permission levels that you see in the Outlook client not supported by Graph? Or is there something I'm doing wrong?
The permissions are consistent with Outlook and Exchange Web Services the difference is when you have "Free/Busy, subject, location" (or even one of the lesser) you only have rights to view the FreeBusy data of the Mailbox you don't have permissions to query the calendar directly which is what your trying to do so the error your receiving is consistent with that fact (and is what you would see in any of the other API's). Outlook (since 2007) uses the getuseravailability when querying the FreeBusy data for a user (which is where that right is valid) the equivalent in graph would be findMeetingTimes https://developer.microsoft.com/en-us/graph/docs/concepts/findmeetingtimes_example
https://graph.microsoft.com/v1.0/me/findMeetingTimes
(I don't think this is quite there on feature parity with EWS and Outlook on FreeBusy data though but its getting there)