I've created an event on a calendar using Calendar API which in turn in the response, it will give me the link to a Microsoft Team meeting link. This is an example data that I've send when creating the event. Also, I'm calling this API as an App not as a user, so basically all 3 attendees are not part of the AD users.
{
"attendees": [
{
"type": "required",
"emailAddress": {
"address": "attendee1#domain.com",
"name": "Attendee 1"
}
},
{
"type": "required",
"emailAddress": {
"address": "attendee2#domain.com",
"name": "Attendee 2"
}
},
{
"type": "required",
"emailAddress": {
"address": "attendee3#domain.com",
"name": "Attendee 3"
}
}
],
"end": {
"dateTime": "2020-11-13T17:32:39.636Z",
"timeZone": "UTC"
},
"start": {
"dateTime": "2020-11-11T16:32:39.636Z",
"timeZone": "UTC"
},
"subject": "My online meeting",
"isOnlineMeeting": true,
"body": {
"content": "Does this time work for you?",
"contentType": "HTML"
},
"onlineMeetingProvider": "teamsForBusiness",
"allowNewTimeProposals": false
}
In the response, I receive something like this:
...
"onlineMeeting": {
"joinUrl": "https://teams.microsoft.com/l/meetup-join/19%3ameeting_NzRmMDIwMWEtNGYyZS00MmNkLTk3NTAtOGxxxxkOGQ4ZDUx%40thread.v2/0?context=%7b%22Tid%22%3a%22b82fec80-bee7-401e-xxxx-8a312e0a62d1%22%2c%22Oid%22%3a%22112d58ba-xxxx-47ce-a1a8-3d0abebead18%22%7d"
}
...
My problem right now is none of the attendees can start the meeting. I wonder if there's a way programatically either when I'm creating the event or updating the online meeting, to enable the attendees to bypass the lobby and start the meeting.
According to your parameter, I think you use Calendar event api to create an online meeting.
I also tried this and found that the attendees needs permission to enter the meeting room while the creater can enter directly. I googled and found no graph api could modify this configuration. The only way to make every attendee join the meeting without permission is changing the meeting option as 'everyone can bypass the lobby'
By the way, admin role account can login the Microsoft teams admin center and automatically allow people in your organization bypass the lobby. This document tells the detail.
Actually, I used Fiddler to catch the changing option request and got a url like https://teams.microsoft.com/api/mt/amer/beta/meetings/v1/options/.... and an access token. I can use them to change the option successfully by sending a http post request. All seems the answer will appear but unfortunately after analizing the access token I found the api needs a permission https://api.spaces.skype.com which is not supported by Azure ad.
Related
So I've been trying to get email addresses of people that have access to certain files in a Sharepoint document library of a site through the use of the Microsoft Graph API. Below is an example of how my permission object looks like, which is retrieved from https://graph.microsoft.com/v1.0/sites/<site id>/drives/<drive id>/items/<item id>/permissions.
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#sites('...')/drives('...')/items('...')/permissions",
"value": [
{
"id": "...",
"roles": ["owner"],
"grantedTo": { "user": { "displayName": "testsite - Eigenaars" } },
"inheritedFrom": {}
},
{
"id": "...",
"roles": ["read"],
"grantedTo": { "user": {"displayName": "testsite - Bezoekers"} },
"inheritedFrom": {}
},
{
"id": "...",
"roles": ["write"],
"grantedTo": { "user": { "displayName": "testsite - Leden" } },
"inheritedFrom": {}
},
{
"id": "...",
"roles": [
"write"
],
"grantedToV2": {
"siteGroup": {
"displayName": "Developers",
"id": "120",
"loginName": "Developers"
}
},
"grantedTo": {
"user": {
"displayName": "Developers"
}
},
"inheritedFrom": {}
},
{
"id": "...",
"roles": ["owner"],
"grantedTo": {
"user": {
"email": "testsite#mysharepoint",
"id": "uuid",
"displayName": "testsite - Eigenaars"
}
},
"inheritedFrom": {}
}
]
}
I assume the testsite in the displayName property is a group name (probably the group that belongs to the site the file resides in), but I have seen cases where I can't find this group name in the groups retrieved from the /groups endpoint in the Graph API.
You can also see the group Developers, which I haven't managed to find in the full group list retrieved from /groups.
The documentation around this is quite vague and unclear to me. Somewhere I read that this lack of data could be due to authentication scopes, but I have "god mode" administrator rights in this Sharepoint environment, so that would seem strange to me.
My main goal is to be able to get all users that have access to a specific file.
Thanks in advance!
1. I assume the testsite in the displayName property is a group name, but I have seen cases where I can't find this group name in the groups retrieved from the /groups endpoint in the Graph API.
This is because as per Drive Item Permission >> Identity Set >> Identity resource type Quoting
The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using
This can explain why sometimes you don't see the group name in your groups.
I suggest you use the id.
2. My main goal is to be able to get all users that have access to a specific file.
Do you have any users that appear on the Has Access section of the drive item on sharepoint? For users you should be able to get permissions and use the ids to Get directoryObject using the id values from grantedToIdentitiesV2 or grantedToV2 which will return odate type.
GET https://graph.microsoft.com/v1.0/directoryObjects/{id}?$select=id
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects(id)/$entity",
"#odata.type": "#microsoft.graph.group or user or application",
"id": "id"
}
For groups, the users would be the members of the group.
We have an application for the user to book/Edit/Cancel Room mailbox meeting from the portal.
So the user should be able to create a calendar event in the room mailbox and all participants should receive the meeting invite
Could you please advise What permission is required on Graph API other than "Calendars.ReadWrite"
According to the document about creating an online meeting, I tried to call the api and it worked with Calendars.ReadWrite permission, here's the detail.
Creating an Azure Ad app and add api permission
Get the access token , please note I just set ReadWrite as scope.
Call the api according to the document above and will get success response, you can open outlook and find meeting has created in calendar.
And here is my url and parameter:
Post:https://graph.microsoft.com/v1.0/me/events
Authorization:Bearer <access token>
Prefer:outlook.timezone="Pacific Standard Time"
Content-Type:application/json
body:{
"subject": "Prep for customer meeting",
"body": {
"contentType": "HTML",
"content": "Does this time work for you?"
},
"start": {
"dateTime": "2020-11-20T13:00:00",
"timeZone": "Pacific Standard Time"
},
"end": {
"dateTime": "2020-11-20T14:00:00",
"timeZone": "Pacific Standard Time"
},
"location":{
"displayName":"Cordova conference room"
},
"attendees": [
{
"emailAddress": {
"address":"AdeleV#contoso.OnMicrosoft.com",
"name": "Adele Vance"
},
"type": "required"
}
],
"allowNewTimeProposals": true,
"isOnlineMeeting": true,
"onlineMeetingProvider": "teamsForBusiness"
}
Getting isOnlineMeeting false while send isOnlineMeeting true whe we create the event using Graph API.
Could not reproduce the issue while creating a calendar event using Graph API. Kindly confirm if you are able to still reproduce it on your end.
Used the below query to create a new event:
POST https://graph.microsoft.com/v1.0/me/calendars/{id}/events
Request Body:
{
"subject": "Test Create Event",
"IsOnlineMeeting": "True",
"onlineMeetingProvider": "teamsForBusiness",
"body": {
"contentType": "HTML",
"content": "Does this time work for you?"
},
"start": {
"dateTime": "2020-12-18T12:00:00",
"timeZone": "Pacific Standard Time"
},
"end": {
"dateTime": "2020-12-18T14:00:00",
"timeZone": "Pacific Standard Time"
},
"location": {
"displayName": "Conf Room 1"
},
"attendees": [
{
"emailAddress": {
"address": "abc#mxxxxxxx.com",
"name": "Someone"
},
"type": "required"
}
]
}
Outcome: Was able to create a new calendar event with IsOnlineMeeting value set to true.
In case you are trying to update an existing calendar event, there is a known issue in that, where the isOnlineMeeting value keeps toggling between true and false for each update/patch request.
In that case, do not update the body in the request, and it should work.
There is an open bug for the update event issue.
Please refer -> Microsoft team link is not appearing for alternate update calendar events
Had the same problem, I add to add these permissions to the app I was using to create the meeting events:
TeamSettings.Read.All, TeamSettings.ReadWrite.All
As soon as I added them, isOnlineMeeting was correctly set to true, and onlineMeetingProvider was set to teamsForBusiness, as specified in the request.
onlineMeetingUrl is always null, but it's possible to get the meeting url from the "onlineMeeting.joinUrl" property, which is automatically populated by the API.
I have a Microsoft application (with Mail.Read/Write permissions) and I need to insert a mail (.eml extension file) to a user inbox.
Is that possible? I know that with Gsuite that can be done using the 'insert' API and was wondering if something similar exist with Graph API.
I'm not talking about sending new mail to the user or about inserting an attachment to existing message in the user inbox, but to insert completely new email to his inbox (without having to go through SPF or whatever checks that take place before mails usually get into end users inboxes).
Looking into Mail section under Graph API documentation wasn't so helpful.
If that not possible, perhaps there is a workaround?
EDIT: seems like the best option is to use "send mail" API and specify "saveToSentItems": False.. the only issue here as that my application will need to request the Mail.Send permission as well..
Thanks
You don't need to use the send mail api as all your doing is creating an Item in the Mailbox. If you want it to appear as a Sent Mail (rather then a draft) you do need to set the PidTagMessageFlags extended property (the same as you would in EWS https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-import-items-by-using-ews-in-exchange). Also if you want it to appear if its been sent in the past there are few additional extended properties you need to set. eg
{
"Subject": "test1234",
"Sender": {
"EmailAddress": {
"Name": "blah",
"Address": "blah#blah.com"
}
},
"Body": {
"ContentType": "HTML",
"Content": "123Body"
},
"SingleValueExtendedProperties": [
{
"PropertyId": "Integer 0x0E07",
"Value": "1"
},
{
"PropertyId": "SystemTime 0x0039",
"Value": "2019-06-12T10:10:47.2048+10:00"
},
{
"PropertyId": "SystemTime 0x0E06",
"Value": "2019-06-12T10:10:47.2048+10:00"
}
]
}
I am developing a multi-tenant application with the Microsoft Graph API that makes use of the /findMeetingTimes endpoint. After many months of successful requests, on January 15th I started to see some errors coming through for a specific kind of request for some users.
The failing request is a POST to /findMeetingTimes for a single attendee who is the user on who's behalf I'm making the request. The same requests for more than a single attendee are still completing just fine, even if the user who authorized the request is included.
Nothing has changed in my request so this seems like it's either a change on the API side or a change in the user's configuration that's broken their ability to make requests of this type. Any insight on this error in this context would be helpful!
POST https://graph.microsoft.com/v1.0/me/findMeetingTimes
Request body:
{
"attendees": [
{
"emailAddress": {
"address": "[email of user who authorized the request]"
},
"type": "Required"
}
],
"meetingDuration": "PT30M",
"minimumAttendeePercentage": 100,
"maxCandidates": 400,
"timeConstraint": {
"timeslots": [
{
"start": {
"dateTime": [DateTime],
"timeZone": "UTC"
},
"end": {
"dateTime": [DateTime],
"timeZone": "UTC"
}
}
],
"activityDomain": "Unrestricted"
}
}
Returns (one specific example):
500: "Exception has been thrown by the target of an
invocation.", "innerError":{"request-id":"a039234e-f64e-489a-96cf
ff4f686a4389","date":"2018-01-18T01:51:49"}