I'm working on an application that does OAuth authorization on behalf of multiple users. My application wants to be able to create a calendar for user A and then share that calendar as read only to user B. It will then create events on that calendar so that they appear for user A as read/write and for user B as read only.
Obviously the Microsoft Graph API supports creating a calendar and putting events on it. My question pertains to the sharing part.
Does the Microsoft Graph API (or the Outlook 365 REST API) support sharing a calendar from one user to another user? I wouldn't want user B to receive the typical email that announces that user A shared a calendar with them. After creating the calendar under user A's account, I'd want to use user A's credentials to set up the sharing permission to user B. Then I would use user B's credentials to add the shared calendar to their list of calendars so that they see it in the Outlook 365 calendar interface.
I've read through a lot of the documentation and have been playing around with a prototype, but I can't find where this use case is supported.
I'm afraid this isn't possible to do via Microsoft Graph. The scenario seems reasonably straight forward, I recommend visiting the UserVoice and adding this suggestion.
Related
In my application, I need to get user data like user name and email, also using API, I use find meeting time and create calendar event. Users those will use application will not be in my AD group.
Is there some scenario for making API workable for external users?
There are certain limitations and for guest users in the organizations:https://learn.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0#user-and-group-search-limitations-for-guest-users-in-organizations
For inviting or adding the Add a guest user and send an invitation please refer :https://learn.microsoft.com/en-us/azure/active-directory/external-identities/b2b-quickstart-add-guest-users-portal
Scenarios for accessing the Calendar usually involve the user signing in and granting consent to give delegated permissions. This seems to apply to both Office 365 and Graph APIs.
I have seen solutions here for accessing Calendar without UI, but it involves storing the username and password which is less than desired. The other option is using the Graph API with application permission - unfortunately, the Calendars.ReadWrite permission is for all users: "Read and write calendars in all mailboxes". It's unlikely I can get this access granted by an admin as I work in a large company, not to mention I simply don't need that much access.
So my question is, is there any way to get application permission (or any other way to access outlook calendar without UI) for only a handful of users?
You can use scoping https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/concepts/auth-limit-mailbox-access.md which allows application permissions to be limited to a subset of user. What type of application are you actually trying to create ? Something like getSchedule https://learn.microsoft.com/en-us/graph/api/calendar-getschedule?view=graph-rest-1.0&tabs=http can be used by the logged on user to query another users FreeBusy permission and retrieve a limited subset of information about appointments eg Start,End,Subject,location which is often ample for a lot of calendar applications.
I am implementing a new functionality to manage events in ICLOUD calendar(includes my own calendar as well as other ICLOUD users calendar).I successfully implemented the functionality with CALDAV, but here I wanted to know is there any better approach to do the same.
Below mentioned steps will explain how I achieved ADD/EDIT/DELETE functionality with CALDAV in other ICLOUD users calendar.
otheruser#gmail.com :icloud account of a user who shares his calendar with me
myaccount#gmail.com: referring to my icloud account
otheruser#gmail.com will share his/her calendar with myaccount#gmail.com
Once i accept the request this calendar will be listed in myaccount#gmail.com
Using below CALDAV api I will get all calendars listed in my account
From the response of above request I will get each calendar url and perform add/edit/delete action accordingly.
Note:Here one drawback is I need to ask each user of my application to share(but sharing it private not as public) his personal calendar with my account.
I am using c# as it is a .net application.
Any help would be appreciated.Thanks in advance.
The question is quite broad so it is hard to really figure out what you are looking for.
In any case one thing about your PROPFIND request: You should also ask for the DAV:resourcetype property (defined in https://www.rfc-editor.org/rfc/rfc4918#section-15.9) and, in your response, only consider the ones that have a calendar value in their resource type (see https://www.rfc-editor.org/rfc/rfc4791#section-4.2).
I have a web application that allows users to sign in with their Google Account and create events on a Google Calendar. However, I only want one specific user to edit/delete already existing events in the calendar and all other users should only be able to add events to the Calendar.
A permission similar to this exists on Outlook, which has a permission called Non-editing author. Is the same available for Google Calendar?
both the events.insert and the events.update / events.patch require the scope of
https://www.googleapis.com/auth/calendar read/write access to Calendars
Which technically gives a user access to read and write to any part of the calendar not just the events. Your application is going to have to limit access the calendar api does not give you this ability.
I am thinking to embed google calendar in my website to achieve the following and was wondering if this is doable in google calendar. Otherwise I have to go find another solution.
I have groups of users with one super user, and rest are regular users as follows:
GroupA
Super User 1
Regular User 1
Regular user 2
etc
Group B
Super User 2
Regular User 3
Regular User 4
etc
Each group have their own calendar. Users in each group can not see the other group's calendar. Only able to see their own group's calendar.
Super users of each group have all access to the calendar (add, modify, delete) and have the ability to control how much access regular users have in their group. (read only? read/write etc)
All users are registered to my website, therefore I am thinking to use only one google calendar account (my own account) to create a calendar for each group. Which leads to a question of authenticating my website to google's API. I need the authentication process to be automatic, hidden away from the user and be done on the server side.
My site is built using PHP/Mysql
Q1:
I have tried the Javascript client library provided by google, however it require the user to type in username/password to log into google so that the authentication (OAuth2) process can work. As mentioned in previous paragraph, I only want the user's to log into my website, they do not need to login again into google account. This should be done on serverside.
I even went as far to create a login form with information prepopulated (hidden from the user, the username/password will be visible in "view page source") and send the request to https://accounts.google.com/ServiceLoginAuth, and make the form automatic submit once the user successfully login into my website. However this causes cross domain issues.
Q2:
I may potentially have 10's of thousands of groups registered on my website. each group may have couple hundred users. Can one single google account create that many calendars?
Q3:
Once the calendar is embedded into my website, it seems to be read-only. Is it possible to make it interactive so super users in each group can add/delete/modify events?
Any ideas/suggestions is much appreciated.
Thank you
No answers? It seems like your question is straightforward. If I understand correctly, you want to access calendars from several Google accounts/users. Each user needs to authorize this access, but they only need to do so once. You could generate these requests and send them out via email, for example. When the user grants permission, Google forwards a grant code to your specified callback_uri. The grant code is extremely volatile. It's used to request a token from Google that apparently lasts indefinitely. So there's no requirement that users continually log into Google.
In Google's calendar/simple.php example. The token is stored as a SESSION variable. Even though the token is persistent, the SESSION variable is not. Users have to grant authorization every time the SESSION variable expires. Storing persistent data in a volatile variable is absurd and probably gives the wrong impression about the OAuth2 token mechanism.
I spent a lot of time writing documentation that I couldn't find anywhere else. Please take a look if you think it might help: http://www.tqis.com/eloquency/googlecalendar.htm
What you're asking isn't possible in Google Calendar.
If you're looking to support thousands of groups and each group needs it's own calendar, then you're saying that you'd need thousands of calendars with access control and you'd need authentication to the calendar to be transparent.