Revoke access of microsoft/outlook account using outlook or graph rest API

1
votes

I'm using Microsoft Graph API for integration of microsoft/outlook calendar in my app.

API reference is here

I want to revoke user's access of their calendars from my app but didn't find any way to do so. I tried with following api but no luck:

DELETE https://graph.microsoft.com/v1.0/users/{user_id}
1
phprestoutlookcalendarmicrosoft-graph-api

1 Answers

0
votes

Well, that command would delete the user entirely. So while that would certainly remove them from the calendar, I'm guessing this isn't the outcome you're looking for. :-)

If you're looking to remove the permission for your app, there are a couple of ways to trigger this:

  1. Simply stop requesting that user's calendars from your app. This won't revoke permission to the calendar however so this likely isn't sufficient.

  2. Drop Calendars.Read and Calendars.ReadWrie from your list of requested scopes.

    • In order to ensure this change is reflected in the user's account, you'll need to re-authenticate the user with the query param prompt=consent auth URI.

  3. Have the user revoke permission for your application entirely. This is done by visiting https://myapps.microsoft.com.

    • There are certain apps that a user cannot directly revoke. These are apps who were granted access at the organization level. To revoke these, an Administrator will need to do this in the Azure Portal.