I would like to create a backend Node.js aplication in order to manage an Outlook Calendar (Create, delete, update events...). However I want to update the same calendar every time (Always the same account). A global calendar to everyone.
The real pourpose is to integrate this calendar Backend with dialogFlow functionality (Similar to this example in Google Calendar https://github.com/dialogflow/fulfillment-bike-shop-nodejs)
I've been looking to https://learn.microsoft.com/en-us/graph/auth-v2-service, but I don't know if it is the correct aproach to do it.
I created an app in Azure Portal, and got my token:
POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token HTTP/1.1
But can't access to https://graph.microsoft.com/v1.0/users/{id}/calendars. The message I get is similar to this:
"code": "OrganizationFromTenantGuidNotFound",
"message": "The tenant for tenant guid '68cc4dcb-5873-4ea0-a498-fe57e9b5d827' does not exist."
I've been looking to
https://learn.microsoft.com/en-us/graph/auth-v2-service, but I don't
know if it is the correct aproach to do it.
I think this is feasible.
"code": "OrganizationFromTenantGuidNotFound",
You need to use the user(tonyju#abc.onmicrosoft.com) to access calendars. And this account must have been assigned a O365 license You can refer to this.
Update:
If you just want to access the calendar of your personal account, you can use auth code flow to get the access token. And then use
https://graph.microsoft.com/v1.0/me/calendars
Related
I want to develop an add in for Outlook which after click on button forward selected email to hardcoded address. What I find is that I must use Graph API to do this, but I lost in documentation on how I get token to make an API call. In Outlook API it is simple as call getCallbackTokenAsync. Is it similar way to get token for Graph API? What is the simplest way of getting this token, best if it could be done without user interaction?
It's straightforward. First you need to register you application in Azure AD, make sure you provide right roles/permissions so that you can get a token. Using the token you can access a protected resource like Microsoft Graph API. You may want to get it started following the documentation/javascript sample.
I'm trying to access a group calendar using the microsoft graph api as the application (I don't want to use delegate permissions).
If I request calendar events using the below I get the events for the user just fine.
https://graph.microsoft.com/v1.0/users/[emailAddress]/events
If I make a request to the following I get group information:
https://graph.microsoft.com/v1.0/groups/[groupId]/
If I make a request to this:
https://graph.microsoft.com/v1.0/groups/[groupId]/events
I get "Access is denied. Check credentials and try again."
In azure portal, I've given my app service the following Application permissions:
Calendars.Read
Calendars.Read.Shared
Group.Read.All
User.Read.All
What am I missing?
Applications permissions to list events is currently not supported. Also, listing events using delegated permissions with a Personal accounts is not supported. Please refer to List Events documentation which has the details. You can also refer to known limitations of Graph here.
A user voice on this feature request is also available here and you can upvote the same so that the product team can include into their plans.
Is there way to customize the Microsoft App permission? The add-in we have built needs read-only access, however, Microsoft permission says our add-in can see and update data anytime. We don't need update access.
We have a windows add-in that subscribes to all calendar events through Graph API. However, our customers have strongly came back on the "Access Data Anytime" permission.
We have now changed our Calendar Permission from "Calendars.ReadWrite" to "Calendars.Read.Shared", however, we still see "Access Data Anytime" which is fine, however, the description is wrong about the update access, we need only to display read access.
"Access Data Anytime" simply means you've requested the offline_access scope so your app receives a Refresh Token. Scopes are not interconnected so it has no way of knowing what other scopes you requested or what data access they may or may not grant.
There is no way to update/customize the description the user sees. Supporting this would expose users to malicious manipulation (i.e. request Users.ReadWrite.All and change the description to 'Only read your username').
I used the Graph Explorer to test against my Office 365 profile. Everything works fine accept the Microsoft Teams (beta) API. If I use GET https://graph.microsoft.com/beta/me/joinedTeams I get
Status Code 401 - Looks like you may not have the permissions for this
call. Please modify your permissions.
{
"error": {
"code": "",
"message": "Authorization has been denied for this request.",
"innerError": {
"request-id": "a1733d8a-5adb-45ad-a0ad-463595d71a89",
"date": "2017-06-09T14:33:11"
}
}
}
There seems no option for give permission for Microsoft Teams. Has anyone figured that out, yet?
The documentation page for listing your joined teams is at https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/api/user_list_joinedteams. It looks like this call requires the User.Read.All or User.ReadWrite.All permissions. To change your permissions in the Graph explorer, you can click Modify Permissions
Then find and enable either permission:
However, these scopes require tenant administrators to let the Graph Explorer use admin only scopes. You can either just login as an administrator to just test with that account, or you can let any user in your organization access admin scopes through the explorer by clicking the link that says grant access to your entire organization.
Also, I'm glad you found the Microsoft Teams samples. We just added these last week and it's great to see developers are trying them out! Thanks for your feedback on the permissions process for the Teams in explorer, I'll pass that along to all the engineers on the project.
I've created a command line tool that lets you bulk create new Microsoft Team channels using the Graph APIs outlined above. It includes instructions on how to register your application for use with your Teams environment - and provide administrative consent so that non-admins can use it.
One of the API calls is to "joinedTeams", which lists the Teams you're currently a member of. Take a look in "SelectJoinedTeam" function in the ChannelSurfCli/Utils/Channels.cs class.
https://github.com/tamhinsf/ChannelSurf
My company is trying to get requests to access non-public user sheets. Here is how we want to go about it:
The user receives a link which contains all the necessary authentication information , and when they open the link, it gives them an alert saying something like "Grant client_id/client_email access to google_sheet"?, and when they click "yes", we get access to read the dataset?
is something like this possible with the google-drive api ?
I have looked at the google-sheet api here and the google-drive-sdk here , but I have not found what I am looking for.
When your application requests non-public user data, it must include an authorization token. The token also identifies your application to Google. Check this Google documentation. Requests to the Google Sheets API for non-public user data must be authorized by an authenticated user. The details of the authorization process, or "flow," for OAuth 2.0 vary somewhat depending on what kind of application you're writing. Check this example.