Access denied or Not Found errors from Graph API while Access other users calendar in Office 365

0
votes

I want to access other user calendars of my organization from my admin account on Microsoft office 365. On office 365 I can search and access those calendars. I want to Access these (other user's) calendars using Microsoft Graph API. Here are the official documentations for accessing office 365 calendar using Graph APIs. 1. Calendars from Users 2. Directly Access Calenders

Here is my Auth Helper class in which I am defining my permission scopes

module AuthHelper

  CLIENT_ID = '91e6****-****-40f7-9b46-******d1149c'
  CLIENT_SECRET = 'pftjo*******55;hwSN2-(%'

  SCOPES = [ 'openid',
             'profile',
             'User.Read',
             'Mail.Read',
             'Calendars.Read',
             'Calendars.Read.Shared' ]

  def get_login_url
    client = OAuth2::Client.new(CLIENT_ID,
                                CLIENT_SECRET,
                                :site => 'https://login.microsoftonline.com',
                                :authorize_url => '/common/oauth2/v2.0/authorize',
                                :token_url => '/common/oauth2/v2.0/token')

    login_url = client.auth_code.authorize_url(:redirect_uri => authorize_url, :scope => SCOPES.join(' '))
  end

  def get_token_from_code(auth_code)
    client = OAuth2::Client.new(CLIENT_ID,
                                CLIENT_SECRET,
                                :site => 'https://login.microsoftonline.com',
                                :authorize_url => '/common/oauth2/v2.0/authorize',
                                :token_url => '/common/oauth2/v2.0/token')

    token = client.auth_code.get_token(auth_code,
                                   :redirect_uri => authorize_url,
                                   :scope => SCOPES.join(' '))
  end

Trying postman:

https://graph.microsoft.com/v1.0/users query along with headers showing me all users but

GET /users/{id | userPrincipalName}/calendars query showing me 404 Not Found error.

In short, I can access other user's calendar from search bar of my office365 application but can not access using

any of these methods.

1
ruby-on-railsoffice365microsoft-graph-apioffice365apioutlook-calendar

1 Answers

0
votes

It looks like only apps that run outside of a user context (like a service/daemon app) can access every calendar in the organization. Getting access tokens for apps that run without the presence of a signed-in user is a bit different and you'll need to go through the admin consent flow to give your app access to everyone's calendar. I just tested this and Calendars.Read is the only scope you need.

enter image description here

The steps are:

  1. Register your app
  2. Add Calendars.Read as an application permission
  3. Grant admin consent to your app by going to a URL like https://login.microsoftonline.com/{REPLACE WITH TENANT}/adminconsent?nonce=graph&prompt=select_account&client_id={REPLACE_WITH_APP_ID}&response_type=token&redirect_uri=https://localhost:3001&state=foobar

Once I got an access token, the rest call to access another users calendar was exactly what you posted in the question:

GET https://graph.microsoft.com/v1.0/users/[user-id]/calendars

Once you have a calendar ID you can view their calendar events at:

GET https://graph.microsoft.com/v1.0/users/[user-id]/calendars/[calendar-id]/events

I encourage you to see our calendar samples in the Graph explorer.

enter image description here