I'm currently developing a small managing app that should create events within a specific Microsoft calendar but I'm only able to do this for me as the authorized user.
Is there an option to create events for everyone in this calendar with only knowing the userPrincipalName?
{
"subject": "test",
"body": {
"contentType": "HTML",
"content": "Sample Text"
},
"start": {
"dateTime": "2019-04-04T12:00:00",
"timeZone": "Pacific Standard Time"
},
"end": {
"dateTime": "2019-04-04T14:00:00",
"timeZone": "Pacific Standard Time"
},
"location":{
"displayName":"Testlocation"
}
}
https://graph.microsoft.com/v1.0/users/myPricipalName/calendar/events works but only for me.
The whole documentation is a bit overwhelming
The answer is yes, but you're right about the documentation...
You'll have to take the following steps:
Create an application documentation
Add the following permission Read and write calendars in all mailboxes for the Microsoft Graph API.
Grant the permission for your tenant (the easiest way is through https://portal.azure.com -> Azure AD -> App Registrations -> Your App -> Settings -> Required permissions -> Button Grant Access.
Request a token with the client id and secret, this is called the Client credentials flow documentation
(optional) Inspect the token on https://jwt.ms to see if the token is correct.
Create an event documentation
Celebrate your accomplishment with some refreshments.
The best approach would be to get an application token, an application which has been granted permission to write users’ calendars.
Related
I've created an event on a calendar using Calendar API which in turn in the response, it will give me the link to a Microsoft Team meeting link. This is an example data that I've send when creating the event. Also, I'm calling this API as an App not as a user, so basically all 3 attendees are not part of the AD users.
{
"attendees": [
{
"type": "required",
"emailAddress": {
"address": "attendee1#domain.com",
"name": "Attendee 1"
}
},
{
"type": "required",
"emailAddress": {
"address": "attendee2#domain.com",
"name": "Attendee 2"
}
},
{
"type": "required",
"emailAddress": {
"address": "attendee3#domain.com",
"name": "Attendee 3"
}
}
],
"end": {
"dateTime": "2020-11-13T17:32:39.636Z",
"timeZone": "UTC"
},
"start": {
"dateTime": "2020-11-11T16:32:39.636Z",
"timeZone": "UTC"
},
"subject": "My online meeting",
"isOnlineMeeting": true,
"body": {
"content": "Does this time work for you?",
"contentType": "HTML"
},
"onlineMeetingProvider": "teamsForBusiness",
"allowNewTimeProposals": false
}
In the response, I receive something like this:
...
"onlineMeeting": {
"joinUrl": "https://teams.microsoft.com/l/meetup-join/19%3ameeting_NzRmMDIwMWEtNGYyZS00MmNkLTk3NTAtOGxxxxkOGQ4ZDUx%40thread.v2/0?context=%7b%22Tid%22%3a%22b82fec80-bee7-401e-xxxx-8a312e0a62d1%22%2c%22Oid%22%3a%22112d58ba-xxxx-47ce-a1a8-3d0abebead18%22%7d"
}
...
My problem right now is none of the attendees can start the meeting. I wonder if there's a way programatically either when I'm creating the event or updating the online meeting, to enable the attendees to bypass the lobby and start the meeting.
According to your parameter, I think you use Calendar event api to create an online meeting.
I also tried this and found that the attendees needs permission to enter the meeting room while the creater can enter directly. I googled and found no graph api could modify this configuration. The only way to make every attendee join the meeting without permission is changing the meeting option as 'everyone can bypass the lobby'
By the way, admin role account can login the Microsoft teams admin center and automatically allow people in your organization bypass the lobby. This document tells the detail.
Actually, I used Fiddler to catch the changing option request and got a url like https://teams.microsoft.com/api/mt/amer/beta/meetings/v1/options/.... and an access token. I can use them to change the option successfully by sending a http post request. All seems the answer will appear but unfortunately after analizing the access token I found the api needs a permission https://api.spaces.skype.com which is not supported by Azure ad.
We have an application for the user to book/Edit/Cancel Room mailbox meeting from the portal.
So the user should be able to create a calendar event in the room mailbox and all participants should receive the meeting invite
Could you please advise What permission is required on Graph API other than "Calendars.ReadWrite"
According to the document about creating an online meeting, I tried to call the api and it worked with Calendars.ReadWrite permission, here's the detail.
Creating an Azure Ad app and add api permission
Get the access token , please note I just set ReadWrite as scope.
Call the api according to the document above and will get success response, you can open outlook and find meeting has created in calendar.
And here is my url and parameter:
Post:https://graph.microsoft.com/v1.0/me/events
Authorization:Bearer <access token>
Prefer:outlook.timezone="Pacific Standard Time"
Content-Type:application/json
body:{
"subject": "Prep for customer meeting",
"body": {
"contentType": "HTML",
"content": "Does this time work for you?"
},
"start": {
"dateTime": "2020-11-20T13:00:00",
"timeZone": "Pacific Standard Time"
},
"end": {
"dateTime": "2020-11-20T14:00:00",
"timeZone": "Pacific Standard Time"
},
"location":{
"displayName":"Cordova conference room"
},
"attendees": [
{
"emailAddress": {
"address":"AdeleV#contoso.OnMicrosoft.com",
"name": "Adele Vance"
},
"type": "required"
}
],
"allowNewTimeProposals": true,
"isOnlineMeeting": true,
"onlineMeetingProvider": "teamsForBusiness"
}
Trying to develop a Microsoft Graph based application. Trying to set OOF (Out of Office) messages using Delegated permission. I made sure that i have MailboxSettings.ReadWrite permission set. I tried calling PATCH, but it doesnt give any errors and also it's not updating the OOF update request in mailbox settings as well. Any pointers/sample would be of help.
I tried the below payload with MS Graph explorer & POSTMAN - it works for me!!
PATCH https://graph.microsoft.com/v1.0/me/mailboxSettings
Content-Type: application/json
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#Me/mailboxSettings",
"automaticRepliesSetting": {
"status": "Scheduled",
"scheduledStartDateTime": {
"dateTime": "2020-03-20T18:00:00.0000000",
"timeZone": "UTC"
},
"scheduledEndDateTime": {
"dateTime": "2020-03-28T18:00:00.0000000",
"timeZone": "UTC"
}
}
}
You can refer the documentation as well.
In Microsoft Teams When I add new users to a chat it creates a new "group" chat (not sure what it's called).
Add Users
Group Chat example
Is it possible to create groups like these with the Microsoft Graph API?
Maybe by the time this question was asked this was not possible, but right now MS Graph API allows this.
Here is an official link to documentation
From documentation if you would like to use REST API here is an example
POST https://graph.microsoft.com/v1.0/chats
Content-Type: application/json
{
"chatType": "group",
"topic": "Group chat title",
"members": [
{
"#odata.type": "#microsoft.graph.aadUserConversationMember",
"roles": ["owner"],
"user#odata.bind": "https://graph.microsoft.com/v1.0/users('8c0a1a67-50ce-4114-bb6c-da9c5dbcf6ca')"
},
{
"#odata.type": "#microsoft.graph.aadUserConversationMember",
"roles": ["owner"],
"user#odata.bind": "https://graph.microsoft.com/v1.0/users('82fe7758-5bb3-4f0d-a43f-e555fd399c6f')"
},
{
"#odata.type": "#microsoft.graph.aadUserConversationMember",
"roles": ["owner"],
"user#odata.bind": "https://graph.microsoft.com/v1.0/users('3626a173-f2bc-4883-bcf7-01514c3bfb82')"
}
]
}
Please make sure to take care of the Authentication Microsoft Graph auth overview
There are also Microsoft Graph SDKs availalbe
Unfortunately, there is no such API to create a new chat group yet. There is already a feature request for the same here. You can watch the space for more updates
I'm trying to use the Sample Graph API app to change a user's password but I'm getting:
Error Calling the Graph API Response:
{
"odata.error": {
"code": "Authorization_RequestDenied",
"message": {
"lang": "en",
"value": "Insufficient privileges to complete the operation."
}
}
}
Graph API Request:
PATCH /mytenant.onmicrosoft.com/users/some-guid?api-version=1.6 HTTP/1.1
client-request-id: ffd564d3-d716-480f-a66c-07b02b0e32ab
date-time-utc: 2017.08.10 03:04 PM
JSON File
{
"passwordProfile": {
"password": "Somepassword1$",
"forceChangePasswordNextLogin": false
}
}
I've tested updating the user's displayName and that works fine.
{
"displayName": "Joe Consumer"
}
AD Application Permissions
I've configured my app permissions as described here.
Check out this article. Seems like it has the same symptoms.
Solution 1:
If you are receiving this error when you call the API that includes only read permissions, you have to set permissions in Azure Management Portal.
Go to Azure Management Portal and click Active Directory.
Select your custom AD directory.
Click Applications and select your Application.
Click CONFIGURE and scroll down to the section 'Permissions to other applications'.
Provide required Application Permissions and Delegated Permissions for Windows Azure Active Directory.
Finally save the changes.
Solution 2:
If you are receiving this error when you call the API that includes delete or reset password operations, that is because those operations require the Admin role of Company Administrator. As of now, you can only add this role via the Azure AD Powershell module.
Find the service principal using Get-MsolServicePrincipal –AppPrincipalId
Get-MsolServicePrincipal | ft DisplayName, AppPrincipalId -AutoSize
Use Add-MsolRoleMember to add it to Company Administrator role
$clientIdApp = 'your-app-id'
$webApp = Get-MsolServicePrincipal –AppPrincipalId $clientIdApp
Add-MsolRoleMember -RoleName "Company Administrator" -RoleMemberType ServicePrincipal -RoleMemberObjectId $webApp.ObjectId
To connect to your B2C tenant via PowerShell you will need a local admin account. This blog post should help with that, see "The Solution" section.
Try below settings, works for me.
Used the below JSON
{
"accountEnabled": true,
"signInNames": [
{
"type": "emailAddress",
"value": "kart.kala1#test.com"
}
],
"creationType": "LocalAccount",
"displayName": "Joe Consumer",
"mailNickname": "joec",
"passwordProfile": {
"password": "P#$$word!",
"forceChangePasswordNextLogin": false
},
"passwordPolicies": "DisablePasswordExpiration",
"givenName": "Joe",
}
Also make sure you assign the application the user account, administrator role which will allow it to delete users link here