GRAPH API does not work for Schedule/Shifts 403 Error

Darwin Ranzone 20 Reputation points

I am triying to retrieve shifts using the graph API

I have created a test channel and created test schedules and shifts

But i am getting 403 error when i try to retrieve it, i have checked the documentation and it seems i have done as described but when i try to retrieve Schgedules or Shifts i get an error 403

I added the permissions described in the documentation to my app registration, i am using application permissions in this case:


Below is my sample code

I am able to run a request agaiinst "$($TeamGUID)" without any issues but i cannot run a request against the other 2 URIs

# Azure AD App Credentials
$ApplicationClientID = 'aaaaaaaaa'
$TenantID = 'bbbbbbbbbbbbbbbbbbbbb'
$ClientSecret = 'cccccccccccccccccccccc'
$TeamGUID = 'ddddddddddddddddddddddddd'

# Function to acquire access token
function Get-GraphAccessToken {
    $tokenEndpoint = "$TenantID/oauth2/v2.0/token"
    $body = @{
        grant_type    = "client_credentials"
        scope         = ""
        client_id     = $ApplicationClientID
        client_secret = $ClientSecret
    $response = Invoke-RestMethod -Method Post -Uri $tokenEndpoint -Body $body
    return $response.access_token

# Acquire the access token
$token = Get-GraphAccessToken

# Function to make a GET request to the Graph API
function Invoke-GraphApiRequest {
    param (

    $headers = @{
        Authorization = "Bearer $token"
        "Content-Type" = "application/json"

    try {
        $response = Invoke-RestMethod -Headers $headers -Uri $RequestUrl -Method Get
        return $response
    catch {
        Write-Error "Error: $_"

# Prompt for the Graph API URL
#$graphApiUrl = Read-Host -Prompt "Enter the Graph API URL"

$graphApiUrl = "$($TeamGUID)"
#$graphApiUrl = "$($TeamGUID)/schedule"
#$graphApiUrl = "$($TeamGUID)/schedule/shifts"

# Make the Graph API request
$response = Invoke-GraphApiRequest -RequestUrl $graphApiUrl

# Output the response
$response | ConvertTo-Json | Write-Output

Is this a bug?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
9,060 questions
Microsoft Teams Development
Microsoft Teams Development
Microsoft Teams: A Microsoft customizable chat-based workspace.Development: The process of researching, productizing, and refining new or existing technologies.
2,523 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
17,461 questions
{count} votes

Accepted answer
  1. CarlZhao-MSFT 31,736 Reputation points

    Hi @Darwin Ranzone

    When you call the above API using an application-only token, you need to provide the MS-APP-ACTS-AS request header.

    User's image


    User's image

    By the way, the user you provide in the request header must be a member of the current team.

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

0 additional answers

Sort by: Most helpful