Required scopes for https://outlook.office.com/api/v2.0/me

Question

I am trying to access userinfo using the outlook rest API: https://outlook.office.com/api/v2.0/me

If I am using the following scopes: "openid", "email", "profile", "offline_access", "https://outlook.office.com/Tasks.ReadWrite"

This works fine for Office 365 accounts but it fails for Outlook.com accounts with the following: 403 (Forbidden) {"error":{"code":"ErrorAccessDenied","message":"Access is denied. Check credentials and try again."}}

If I change the "https://outlook.office.com/Tasks.ReadWrite" scope for "https://outlook.office.com/Contacts.Read" or "https://outlook.office.com/Calendars.Read" it does work for Office 365 and Outlook.com accounts.

Is this a bug ? So what scopes do I need for https://outlook.office.com/api/v2.0/me" ? I prefer not to use the Contacts.Read/Calendar.Read scope for this since that would give much more permissions then necessary.

Thanks for helping!

I reproduce this with my Outlook.com account too. Let me see what I can find. This should work with any Outlook API scope. — Jason Johnston
got a solution? I am stuck in this If I use outlook.office.com/mail.read I get the user's info but i dont want to ask for that permission, If I dont use it I cannot get the users email and name, etc — Diego

ALopez ALopez · Accepted Answer · 2017-08-22T16:07:04

You have to add https://outlook.office.com/user.readbasic.all to the scopes.

Required scopes for https://outlook.office.com/api/v2.0/me

1 Answers