getSchedule request from Application (not from User?)

Question

I've been trying to utilize the Graph API request getSchedule, where the design logic seems a bit confusing when trying to call upon it from an Application (a function in a Function App resource). The idea is to let the app call getSchedule, for then get the status of meeting rooms (eg. ******@xxxxx.onmicrosoft.com). However, i'd prefer not do being dependent of a general user.

In the documentation for getSchedule (https://learn.microsoft.com/en-us/graph/api/calendar-getschedule?view=graph-rest-1.0&tabs=http), it shows the following two calls:

POST /me/calendar/getSchedule

POST /users/{id|userPrincipalName}/calendar/getSchedule

At first i tried the ../me/.. call as I want the call to be from application (that has access) and not from a user in the tenant, and I got the following response:
{'error': {'code': 'BadRequest', 'message': '/me request is only valid with delegated authentication flow.', ...

The documentation of getSchedule mention it 's possible to call getSchedule with an Application type, with one of the following permissions Calendars.Read, Calendars.ReadWrite.

QUESTION(S): Which leads me to the question. How is the request called when from an application, when /me/ is not allowed for application and only for delegated authentication?

It seems to me it would be good to have example on how to be able to call on getSchedule from an application, or is this not intended in the design to be only called with /user/USER_OBJECT_ID/.. ? Is it expected to have a general user to step in for the application when doing such a call?

I tried aswell with ../user/OBJECT_ID_OF_MY_APP/... (the object ID given to an app under the Azure AD > App registration), with the following response:

{'error': {'code': 'ResourceNotFound', 'message': 'User not found', ...

And the reponse with /user/APP_ID_OF_MY_APP/... .

It works when utilizing an user in the tenant. ../user/USER_OBJECT_ID/... with the following response:

{'@odata.context': 'https://graph.microsoft.com/v1.0/$metadata#Collection(microsoft.graph.scheduleInformation)', 'value': [{'scheduleId': '******@xxxxx.onmicrosoft.com', ...

However, this is not favourable on how to design the code in the function app. If there is any documentation that points out how to do this, I'd gladly be pointed toward it :)

Answer 1

Hi @Emil Jenssen

It depends on your context.

If you are using delegated permissions, then you should call the /me/calendar/getSchedule API, because the /me endpoint only supports delegated contexts, which are used to refer to logged-in users.

If you are using application permissions, then you should call /users/{user object id}/calendar/getSchedule API, because application permissions is an unattended context, that calls the API on behalf of the service principal itself. Since there is no user login in the application context, you need to specify the user in the API.

In this case, if you want to get free/busy availability information for a collection of users, distribution lists, or resources (rooms or equipment) for a specified time period under a specific user's default calendar without that user being logged in, then you can only call the /users/{user object id}/calendar/getSchedule API endpoint.

Hope this helps.

If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.