Office 365 REST API Beta - retrieving Outlook tasks from other users "forbidden"?

0
votes

I'm curious if anyone else has seen the following behavior from the Office 365 REST API beta when attempting to retrieve Outlook tasks for users other than one's self?

I've confirmed that I've granted my application the necessary permissions for it to retrieve tasks for all users:

https://outlook.office.com/api/beta/me/tasks -> I get a result

https://outlook.office.com/api/beta/users/[email protected]/tasks -> I get a 403 forbidden error

If developer is reading this, could this be an issue w/the beta API which will be corrected in the near future? Or, is there something else which could be going sideways?

Aside from "tasks", I can retrieve contacts, mail, etc. from other users just fine.

Here is the response I get whenever I attempt to query another user's tasks:

HTTP/1.1 403 Forbidden
Transfer-Encoding: chunked

request-id: 5c375fd9-d5ed-4fd3-8e1a-ab3dc61feaf3

X-CalculatedFETarget: BN3PR03CU002.internal.outlook.com

X-BackEndHttpStatus: 403, 403

X-FEProxyInfo: BN3PR0301CA0017.NAMPRD03.PROD.OUTLOOK.COM

X-CalculatedBETarget: BN3PR0501MB1298.namprd05.prod.outlook.com

x-ms-diagnostics: 2000008;reason="The token contains not enough scope to make this delegate access call.";error_category="invalid_grant"

OData-Version: 4.0

X-DiagInfo: BN3PR0501MB1298

X-BEServer: BN3PR0501MB1298

X-FEServer: BN3PR0301CA0017, CO1PR06CA031

X-MSEdge-Ref: Ref A: 5CE3BDDBE9BB483ABA0F13CE2EC07F80 Ref B: 52E8D7443714773298F8956513923AFC Ref C: Thu Jun 30 12:59:31 2016 PST

Cache-Control: private

Date: Thu, 30 Jun 2016 19:59:31 GMT

Set-Cookie: exchangecookie=e4b8e5f48581449893f48eba48413e88; expires=Fri, 30-Jun-2017 19:59:31 GMT; path=/; HttpOnly

Server: Microsoft-IIS/8.5

WWW-Authenticate: Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@*", token_types="app_asserted_user_v1 service_asserted_app_v1", error="invalid_token"

X-AspNet-Version: 4.0.30319

X-Powered-By: ASP.NET


{
    "error": {
        "code": "ErrorAccessDenied",
        "message": "Access is denied. Check credentials and try again."
    }
}

It says that, "The token contains not enough scope to make this delegate access call."

However: I have confirmed that 9/9 "Application Permissions" as well as 26/26 "Delegated Permissions" have been granted to the app for the "Office 365 Exchange Online" service. Additionally, the account I'm using is also a Global Administrator for our tenant.

Thanks for any help!

1
restoutlookhttp-status-code-403office365api

1 Answers

0
votes

At present, the Task API requests are always performed on behalf of the signed-in user(refer to target user).

And there is no such scope that for reading task from all users, you can refer to the permissions from figure below:

enter image description here You may submit the feedback from here if you require that the Task API to support for other users.