In the past I was reading a list of plans of current user with this REST call of the beta-API:
https://graph.microsoft.com/beta/me/plans
In July 2017 the planner API was released and there are also some minor changes to the endpoints, so the REST call in the V1.0-API now is:
https://graph.microsoft.com/v1.0/me/planner/plans
Unfortunately I do not receive all my plans with that endpoint. Apparently I only get plans that exist for a long time, but any newly created plans are not visible. I tried a lot of actions on my plans like subscribing to, assigning tasks to me, favorize the plan in planner hub, making a plan public or private, but nothing helps, new plans remain invisible in the API.
Can anybody explain what the new endpoint exactly does? The documentation for List plans is not very helpfull.
Can anybody explain how I can a list of all plans (title and id) that I am owner or member of?
The only work-around I have found so far is:
1) Read all unified groups
https://graph.microsoft.com/v1.0/me/memberOf/$/microsoft.graph.group?$filter=groupTypes/any(a:a eq 'unified')
2) for each group: read the planner plan for that group
https://graph.microsoft.com/v1.0/groups/<id>/planner/plans
But that would require one request per group, makeing performance horrible on tenants with dozens of groups.
This API returns plans that have been shared with the current user. Plans can be shared with a user by adding the user's id to sharedWith property of planDetails (Edit: currently users do not have permissions to add or remove others from this list). This is a separate set of users from group membership and does not allow access to data for shared users. Instead, the users will have access if they are group members, and lose access if they are removed from the group.
More information and a sample for updating plan details can be found here.
Additionally, you can submit feedback about the API (and other Planner functionality) here.
Related
We're looking for a way to get a list of all currently active PSTN calls being made into MS Teams. We've tried this:
https://learn.microsoft.com/en-us/graph/api/callrecords-callrecord-getpstncalls?view=graph-rest-beta
That's almost exactly what we need except records do not seem to appear here until the call has ended. What we need for the app we're trying to build is live call records.
We've also tried it by creating subscriptions and getting the ID of specific calls then looking up call records, but this data also appears to be delayed.
Is there a method we're missing here, or equally, is this something that may be added to the API some point soon?
Currently there is no graph API to get a list of active PSTN calls in Teams.
Microsoft will always focus on customer’s feedback and experience, some new features would be added to the services based on customers' feedback in the future, we also recommend you give your new idea in Teams UserVoice here.
They clearly mentioned in the document, we can not fetch the details directly. But you can fetch the records from your application. Using app side bearer token.
According to Microsoft Docs, there is a way to scope Graph API application permissions to specific users / mailboxes with a command like this:
New-ApplicationAccessPolicy -AppId e7e4dbfc-046f-4074-9b3b-2ae8f144f59b -PolicyScopeGroupId EvenUsers#contoso.com -AccessRight RestrictAccess -Description "Restrict this app to members of distribution group EvenUsers."
In this case, the application can use all its allowed application permissions (e.g. Mail.Send, Calendars.Read) on the members of the group EvenUsers.
But what if I want to scope a specific permission to a specific group? For example, the application is allowed to send mails as users in group X and is allowed to read the calendars of the users in group Y but not vice versa.
Is this possible?
As far i know, its applicable to specific users or mailboxes; not heard for groups (see comment)
Still if you think you need such granular permissions consider filing an uservoice or upvote to the related ones, so Microsoft can consider implementing it. The closest uservoice i remember is this.
I would like to retrieve a list of all Planner Plans and number of tasks in each Plan. Goal is to understand which plans are actually in use. I used the Graph API for this. However it appears that most the Graph endpoints for Planner and Tasks use Delegation Permissions. In other words, I have to be part of each Planner Plan to even query for it. So even as Global Admin I am unable to pull this information. Is there any way to query for
List of ALL Planner Plans in the tenant
Owner for each Planner Plan
Number of tasks in each Plan
Thanks in advance,
Jake
You can now use application permissions to read this data.
Outdated reply:
Unfortunately it is not possible to get this through Microsoft Graph
API right now. However we do have another API, which is meant for
admins to be able to export their tenant's data, and it can be used to
get this information. You should contact support for this process.
I currently have a script that takes a list of people and creates new Asana projects, one for each person. These people are not in our Asana organization and need to be invited as guests to their respective projects. If I try to include a followers or members property in my API request, I get denied, and the docs list those properties as read-only.
I noticed this question from over a year and a half ago, where an Asana engineer said that it was on the API roadmap and that he hoped to publish it soon. It seems like the engineer in question no longer works at Asana, so replying to him won't help me, but has any progress been made on this front? Being able to invite guests to each project programmatically would be a huge time saver. Thanks!
We decided to keep this as a read-only endpoint. Apologies for the confusion.
You can add and remove followers on a task through the API. Perhaps you could adjust your workflow to use tasks instead of projects.
I'm working on migrating from SOAP to valence API. I'm having some problems with a few calls like getting users (All users, based on role, by userID, etc) and grades (All variations).
I see an empty list returned with no items. There's no error of any kind. When I try to get the data using SOAP, I get the desired data.
I've checked the permissions for "Search for Students", so technically, I should be getting something when I try to get all users or by role id of students. What else am I missing here...
The D2LWS service's authentication mechanism puts the API caller in the position of being a privileged caller. The Valence Learning Framework APIs use a different auth model: the user ID/Key tokens that identify a user get employed by the back-end to restrict the functionality of calls. That is: the authenticated user should have access to the same functionality and data as the user would get through the web UI, and no more.
In this particular case, the calls succeed: they send back all the elements in the result set that your calling user has privileges to see -- none of them.
This is almost certainly an issue with the role privileges afforded to your calling user, and debugging the permissions around calls can be challenging. The Valence project's documentation provides a walkthrough topic on investigating role permissions that might shed let on a possible approach here, especially with respect to the calls to gain access to user records (or properties that appear in user records).
As the walkthrough discusses, there are various aspects to making the general call to /d2l/api/lp/{version}/users/ that bring permissions into play:
If you're trying to filter with a query parameter, does the calling user context have permissions to use the data on which you want to filter
Does the calling user context have permission to see properties affected by User Information Privacy settings
Does the calling user have permission to search for all the user roles they need to, in order find users in the result set
The users call operates on the root organization unit, so the permissions the calling user requires must be set on the organization org unit type.
By contrast, the Grades-related API calls operate not on the root organization unit, but typically on course offerings, sections, or groups. The permissions surrounding the calls there will get checked in the associated org unit types, so the calling user will need the right permissions against those types. Additionally, many of the calls related to course offerings (also sections and groups) require that the calling user be enrolled in the org unit in question (and in some cases, explicitly enrolled, not merely enrolled by cascading enrollment).
If you're sure that your calling user context does give you access to these things (and allows you access to this data through the web UI), and you still see a mismatch like this when you're calling through the API, then you may have uncovered a defect of some kind and you should please ask your organization's support contact, or your account manager, to open a support ticket to report that through Desire2Learn's support desk.