Share via

How can I create a change notification subscription with other users resources?

Syifa Prasetyo 20 Reputation points
2024-02-16T07:16:34.0133333+00:00

I am trying to create an application that would allow admins to log in to their Microsoft account and create a change notification subscription with other user resources in the subscription request. I have attempted to create the subscription using the code below:

const subscription = {
       changeType: 'created,updated',
       notificationUrl: notificationUrl,
       lifecycleNotificationUrl: lifeNotificationUrl,
        resource: `/users/${userPrincipalName}/mailfolders('inbox')/messages?$select=sender,subject,bodyPreview`,
       expirationDateTime: expirationDateTime,
       clientState: clientState,
       applicationId: appId,
       creatorId: userId,
       includeResourceData: true,
       encryptionCertificate: encryptionCertificate,
       encryptionCertificateId: encryptionCertificateId,
};

await client.api('/subscriptions').post(subscription);

The userPrincipalName in this case refers to the target user. I have added the permission shown in the image below to the application: User's image However, I am receiving the error message: Error: Operation: Create; Exception: [Status Code: Forbidden; Reason: Access is denied. Check credentials and try again.] What am I doing wrong, and how can I resolve this issue?

Microsoft Security Microsoft Graph
Accepted answer
  1. Saranya Madhu-MSFT 2,375 Reputation points Microsoft External Staff
    2024-02-16T19:37:18.17+00:00

    Hi @Syifa Prasetyo ,

    Thanks for reaching out!!!

    To create a subscription with message resources, the application needs to have the appropriate delegated or application permissions for the resource specified in the subscription request.

    As I can understand that you are trying to subscribe to other Users' resources, you need to have application permission -Mail.ReadBasic, Mail.Read and the user or admin has to grant consent for the application to access the specified resource.

    To resolve this issue, please ensure that it has the necessary permissions and consent to access the resource specified.

    Document Reference: https://learn.microsoft.com/en-us/graph/outlook-change-notifications-overview#request-permissions

    Hope this helps. If the answer is helpful, please click "Accept Answer" and kindly Upvote. If you have further questions about this answer, please click "Comment".

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.