1

Summary:

  1. I have a WinForms app where multiple users from my organization login to.
  2. From within this WinForm app, I want to call my Web API which internally processes some calendar related events (like create new meeting, fetch meeting responses, etc.) for precisely allotted MeetingManager user
  3. Here, we intend to use Microsoft Graph API to do all our stuff
  4. And since the Web API is going to handle this internally at its endpoint, we seek no interactive screen in between (neither for user login nor for granting permissions at consent page). All this should happen in background without any user interaction in between.
  5. How can I achieve this?

Note: I am a beginner to Microsoft Graph API and Web application domain

Graph API Mock up:

Graph API Mock up

Bertrand Martel
  • 42,756
  • 16
  • 135
  • 159
Sushil Zad
  • 21
  • 4
  • 1
    Welcome to StackOverflow! Show us what you tried, and we'll try to help you. – Stefano Bonetti Dec 29 '16 at 11:08
  • Thanks for your reply! The scenario which I have described above best suits with what I found here [link] (https://blog.kloud.com.au/2015/12/14/implementing-application-with-o365-graph-api-in-app-only-mode/) Here, I followed the steps as described and ran the sample app. It works good for fetching "Organization" details. But when I try to replace it with "Calendar" it responds back with 400 bad request error. I double checked with appropriate permissions set for Application Permissions (and nothing set for Delegated Permissions yet) and debug url too. What am I missing here? Any alternate? – Sushil Zad Dec 29 '16 at 12:26
  • Also, as described on the same page are discussions/post comments related to User Role to which I have updated my User role to Global Administrator. So, I have tried covering most of the pre-requisites as possible. But if there's anything I have overlooked or left out yet, please let me know. – Sushil Zad Dec 29 '16 at 12:32

1 Answers1

2

You can get this by app-only authentication method. Get an app-only access token and use it for authentication.

I am also struggling on a similar type of question and I need to retrieve planner tasks. For planner tasks app-only scope is not supported but In your case I think it should work

Read both these links for more details.

https://graph.microsoft.io/en-us/docs/authorization/app_only

https://graph.microsoft.io/en-us/docs/authorization/permission_scopes

مسعود
  • 679
  • 10
  • 25
  • Thanks for your suggestion, but the sample code I am trying with (in aforementioned reply) indeed works on the same principle. At first attempt it all went good, but later on somehow it started popping up this error for every run **"Message":"Response status code does not indicate success: 403 (Forbidden)."**. I tried with different tenants, users, recreating-deleting-re-configuring the application and started everything from scratch but the same error is getting displayed. I wonder why!? Any idea for what is causing failure? Or any pointers pertaining to this topic would be of great help! – Sushil Zad Dec 30 '16 at 09:13
  • Can you post a client request Id (or correlationID) and the UTC timestamp please (for the failure). This might help us determine what's going on. – Dan Kershaw - MSFT Dec 31 '16 at 20:21
  • Using Fiddler I can properly get the access token for client_credentials flow but furthermore when I try to access things related to calendar I get following error. (you can find the client request id in below error message) "error": { "code": "ResourceNotFound", "message": "Resource could not be discovered.", "innerError": { "request-id": "074db390-c7e7-4fb8-b9b8-80b35855a5d9", "date": "2017-01-02T13:46:25" } } – Sushil Zad Jan 02 '17 at 13:46
  • 1. My appsettings.json looks like: "GraphApp": { "Tenant": "my_tenant_name_here.onmicrosoft.com", "AuthUrl": "https://login.microsoftonline.com/{0}", "GraphUrl": "https://graph.microsoft.com", "Version": "v1.0", "ClientId": "48XXXX6c-XXXX-4535-967f-XXXXXX", "ClientSecret": "XXXXXXx4dZusqEBMhJLhWSwth4vf8XXXXXXXX", "AppId": "https://my_tenant_name_here.onmicrosoft.com/XXXX7beb-XXXX-XXXX-b29c-XXX" } 2. Only Application permissions set to: a. Read and write calendars in all mailboxes b. Read and write directory – Sushil Zad Jan 02 '17 at 13:58
  • I am desperately looking for a better solution or some workaround for this. Any suggestions? Any pointers would be of great help...Thanks in advance – Sushil Zad Jan 03 '17 at 14:55
  • @SushilZad - did you get a solution for this? I am also trying out something like this and not able to prevent the signin part. – Sarvavyapi Oct 29 '18 at 14:54