Access MS Graph Shared Calendars with a console application ?

Avadanei, Daniel 21 Reputation points

I'm trying to acces the calendars that have been shared with a user using MS Graph sdk. I have a web app and the necessary permissions like Calendars.Read given. Using postman I manage to read the calendar of a user using{app id}/oauth2/v2.0/authorize for authorization and then{user}/calendar/events for reading calendar events. Everything works fine in postman, but I'm having issues to do the same thing using MSGraph framework. I tried using this example in order to replicate the postman calls in c# but I receive an error saying that

'Code: BadRequest /me request is only valid with delegated authentication flow'

when I used await graphClient.Me.Calendars.Request().GetAsync();


Access is denied. Check credentials and try again

when I used await graphClient.Users["example@ssss .com"].Calendars.Request().GetAsync();

From what I have read the first error with delegated authentication flow appears because I'm using application permissions model and I should be using delegated permissions in this context. The issue is that I don't know how to use ms graph library for delegated permissions model. The only examples that I found involves calling API directly, but I need to use the MS Graph library.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,772 questions
0 comments No comments
{count} votes

Accepted answer
  1. CarlZhao-MSFT 37,466 Reputation points

    Hi @Avadanei, Daniel

    Examples of use ms graph library for delegated permissions model are already provided in the document you shared, please refer to Authorization code provider and Username/password provider.

    var scopes = new[] { "User.Read" };  
    // Multi-tenant apps can use "common",  
    // single-tenant apps must use the tenant ID from the Azure portal  
    var tenantId = "common";  
    // Values from app registration  
    var clientId = "YOUR_CLIENT_ID";  
    var clientSecret = "YOUR_CLIENT_SECRET";  
    // For authorization code flow, the user signs into the Microsoft  
    // identity platform, and the browser is redirected back to your app  
    // with an authorization code in the query parameters  
    var authorizationCode = "AUTH_CODE_FROM_REDIRECT";  
    // using Azure.Identity;  
    var options = new TokenCredentialOptions  
        AuthorityHost = AzureAuthorityHosts.AzurePublicCloud  
    var authCodeCredential = new AuthorizationCodeCredential(  
        tenantId, clientId, clientSecret, authorizationCode, options);  
    var graphClient = new GraphServiceClient(authCodeCredential, scopes);  

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

1 additional answer

Sort by: Most helpful
  1. Vicky Kumar (Mindtree Consulting PVT LTD) 1,156 Reputation points Microsoft Employee

    For your error - 'Code: BadRequest /me request is only valid with delegated authentication flow'

    This is as per design, Client credential flow will generate the token on behalf the app itself, so in this scenario, users don't need to sign in first to generate the token stand for the user and then call the api.

    you should not use the /me endpoint, instead you should use /users/{userID}/calendar/getSchedule

    await graphClient.Users["abc@xyz .com"].Calendars.Request().GetAsync()

    For your another error - Access is denied. Check credentials and try again


    Please check the docs, to see common access denied issue -

    Hope this helps ,