1
votes

I have been trying to integrate Office 365 Exchange services using OAuth for a web app. We already have an integration for on premise and this integration works with Basic [username:password] authentication with https://outlook.office365.com/EWS/Exchange.asmx

Authorization using: https://login.microsoftonline.com//oauth2/authorize?response_type=code&prompt=consent&client_id=[APP_ID]&redirect_uri=[URL]

Getting token using: POST https://login.microsoftonline.com//oauth2/token

Body: grant_type=authorization_code&code=[Code]&redirect_url=[URL]&scope=https://outlook.office365.com/calendars.readwrite

I was able to get a token successfully.

Application Permissions I set up on Azure App Registration are:

Microsoft Graph Permissions:

  • Read and write user and shared calendars
  • Read user and shared calendars
  • Send mail as a user
  • Read user calendars
  • Have full access to user calendars

Office 365 Exchange Online Permissions:

  • Read user and shared calendars
  • Read and write user and shared calendars
  • Send mail as a user
  • Read user calendars
  • Read and write user calendars

With the token I acquire, I am trying to create an event using: https://outlook.office365.com/EWS/Exchange.asmx

Header:

  • POST /EWS/Exchange.asmx HTTP/1.1
  • Host: outlook.office365.com
  • client_request_id: [random_guid]
  • User-Agent: APPName
  • Authorization: Bearer [TOKEN]

Body:

<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages" 
xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types">
<soap:Header>
    <t:RequestServerVersion Version="Exchange2016"/>
</soap:Header>
<soap:Body>
<m:CreateItem SendMeetingInvitations="SendToAllAndSaveCopy">
    <m:Items>
        <t:CalendarItem>
            <t:Subject>Test Event</t:Subject>
            <t:Body BodyType="HTML">Test Body</t:Body>
            <t:Start>2018-11-17T08:00:00.000</t:Start>
            <t:End>2018-11-17T09:00:00.000</t:End>
            <t:StartTimeZone Id="Pacific Standard Time"/>
            <t:EndTimeZone Id="Pacific Standard Time"/>
        </t:CalendarItem>
    </m:Items>
</m:CreateItem>
</soap:Body>
</soap:Envelope>

This is the response I am getting with status code 401:

Server →Microsoft-IIS/10.0
request-id →b6d17647-5285-4c40-9087-3875958750b2
X-CalculatedFETarget →MWHPR1601CU001.internal.outlook.com
X-BackEndHttpStatus →401
X-BackEndHttpStatus →401
Set-Cookie →exchangecookie=947fe20a28e842068b3fe78a71b4e15b; path=/
X-FEProxyInfo →MWHPR1601CA0011.NAMPRD16.PROD.OUTLOOK.COM
X-CalculatedBETarget →MWHPR2001MB1823.namprd20.prod.outlook.com
X-RUM-Validated →1
x-ms-diagnostics →2000003;reason="The audience claim value is invalid 'aud'.";error_category="invalid_resource"
X-BeSku →Gen9
X-DiagInfo →MWHPR2001MB1823
X-BEServer →MWHPR2001MB1823
X-FEServer →MWHPR1601CA0011
X-FEServer →BYAPR05CA0077
X-Powered-By →ASP.NET
WWW-Authenticate →Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@*", token_types="app_asserted_user_v1 service_asserted_app_v1", authorization_uri="https://login.windows.net/common/oauth2/authorize", error="invalid_token",Basic Realm="",Basic Realm="",Basic Realm=""
Date →Wed, 14 Nov 2018 22:07:28 GMT
Content-Length →0

I have been reading and doing research for the last two days but could not find anything similar where other devs tried the same integration.

Could you please advise? Maybe there is someone who can explain what I am doing wrong.

Thank you!

1 Answer

2
votes

With EWS you should be requesting a Scope of https://outlook.office365.com/EWS.AccessAsUser.All or https://outlook.office365.com/full_access_as_app if you're trying to use AppOnly tokens. The other constrained scopes aren't valid for EWS as it's a bit of a legacy API in this respect.
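
A way to check a token before sending it to EWS, added here as an example (not code from the question or the answer): it decodes the access token's payload and reports why EWS would answer with the "audience claim value is invalid" 401 shown above. The accepted audiences are an assumption taken from the scope URL in the answer and the client_id in the WWW-Authenticate header; the function names and sample tokens are constructed for illustration.

```python
import base64
import json

# Assumption: audiences EWS accepts, taken from the scope URL in the answer and
# the client_id in the WWW-Authenticate header of the 401 response above.
EWS_AUDIENCES = {"https://outlook.office365.com",
                 "00000002-0000-0ff1-ce00-000000000000"}
EWS_DELEGATED_SCOPE = "EWS.AccessAsUser.All"   # delegated token: `scp` claim
EWS_APP_ROLE = "full_access_as_app"            # app-only token: `roles` claim


def jwt_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def ews_token_problems(token):
    """Return the reasons EWS would reject this access token (empty list = none found)."""
    claims = jwt_claims(token)
    problems = []
    aud = str(claims.get("aud", "")).rstrip("/")
    if aud not in EWS_AUDIENCES:
        problems.append(f"aud={aud!r} is not an Exchange Online audience")
    scopes = set(str(claims.get("scp", "")).split())  # space-separated string
    roles = set(claims.get("roles", []))              # list of app roles
    if EWS_DELEGATED_SCOPE not in scopes and EWS_APP_ROLE not in roles:
        problems.append("neither EWS.AccessAsUser.All (scp) nor full_access_as_app (roles)")
    return problems


def constructed_token(claims):
    """Build an unsigned sample token (constructed for this demo, not a real token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])


# Constructed samples: a token issued for another resource with a constrained
# calendar scope, and a token issued for Exchange Online with the EWS scope.
OTHER_TOKEN = constructed_token({"aud": "https://graph.microsoft.com", "scp": "Calendars.ReadWrite"})
EWS_TOKEN = constructed_token({"aud": "https://outlook.office365.com/", "scp": "EWS.AccessAsUser.All"})

if __name__ == "__main__":
    print(ews_token_problems(OTHER_TOKEN))
    print(ews_token_problems(EWS_TOKEN))
```

The decode step skips signature validation on purpose, so it is only for inspecting a token your own app just received; the resource server still performs the real validation.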