I am developing a SaaS application that requires external organizations' AD users to sync appointments to Office 365 calendar event.
Admin user scenario:
- Admin imports all AD Users to the app.
- The app redirects the admin to Microsoft login and request permissions.
- Admin allows the app to access users' calendars.
Normal usersScenario:
- User logs in to the app.
- User creates an appointment and sync to Office 365 Calendar (without asking for permissions).
I'm using the following endpoints in Microsoft Graph API:
Authority = "https://login.microsoftonline.com/common/oauth2/authorize"
Resource = "https://graph.microsoft.com/"
If I wanted to give normal users access to their Microsoft data, do I need to change the tenant "common" to their tenant ids?
My other question is how does admin consent work based on my scenarios?