Share via

Get user Calendar (403 ErrorAccessDenied)

Marwan Geagea 0 Reputation points
2024-03-21T18:19:56.5833333+00:00

Dear,

I created an application in Azure portal and followed all steps that allows to create an event on a user calendar. All passed smoothly on a test account but when on my customer account, I have an error

Status code = 403

{

"error": {

"code": "ErrorAccessDenied",

"message": "Access is denied. Check credentials and try again."

}

}

every time I try to create an event on a user's calendar or get a user's calendar.

I decoded my access token, please find attached the scope (configured permission). can you please help ?

{ "typ": "JWT", "nonce": "ZWt7ksXVF1U_GCZM0b9ogt1SqqkL161_OYyQ18YyBEg", "alg": "RS256", "x5t": "XRvko8P7A3UaWSnU7bM9nT0MjhA", "kid": "XRvko8P7A3UaWSnU7bM9nT0MjhA" }.{ "aud": "https://graph.microsoft.com", "iss": "https://sts.windows.net/6f675a32-e4ca-405c-bcd1-23782f0824a6/", "iat": 1711043672, "nbf": 1711043672, "exp": 1711048685, "acct": 0, "acr": "1", "aio": "AVQAq/8WAAAAgY+TdubnBnNW+kse2wwerpbordCO2RkU74PG/lM0D0aGkOCMPORvZbL5TI9lS7+gO5oQXRfjdNWRXmP7ZoAiduYsEbc/KP36zLxz7V2w9ZM=", "amr": [ "pwd", "mfa" ], "app_displayname": "Supported account types", "appid": "b61428b1-58d1-474d-9ef9-92eba0409ee1", "appidacr": "1", "given_name": "Confirmation RDV Medical", "idtyp": "user", "ipaddr": "104.156.77.218", "name": "Confirmation RDV Medical", "oid": "a3f7df3c-854b-4e92-990d-2776c75e5533", "onprem_sid": "S-1-5-21-3831099316-2695669196-711433458-7451", "platf": "3", "puid": "100320031B2625BC", "rh": "0.AUYAMlpnb8rkXEC80SN4LwgkpgMAAAAAAAAAwAAAAAAAAADxANo.", "scp": "Calendars.Read Calendars.ReadWrite Group.ReadWrite.All User.Read User.Read.All profile openid email", "sub": "WI3weZexwb-w0AswMDKlPTZgNfEEmLA_iB8ENNT7ybo", "tenant_region_scope": "NA", "tid": "6f675a32-e4ca-405c-bcd1-23782f0824a6", "unique_name": "@cliniqueovo.com", "upn": "@cliniqueovo.com", "uti": "hqtdtlIctkS7hrad9lBaAA", "ver": "1.0", "wids": [ "b79fbf4d-3ef9-4689-8143-76b194e85509" ], "xms_st": { "sub": "PO4v69AveUA4pMS0g6c3ORnp0AxafgSZlnlIkFiFUb8" }, "xms_tcdt": 1579189383 }.[Signature]

Microsoft Security | Microsoft Graph

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Yakun Huang 85 Reputation points
    2024-03-25T09:30:47.47+00:00

    Hey there Marwan Geagea

    This 403 error occurs because delegated permissions are used to access another user's calendar, but you need to know that delegated permissions can only be used to access the logged-in user's own calendar. If you need to access another user's calendar, please add the Calendars.Read application permission, and then use the client credentials flow to get an access token, and then you can use this token to get the other user's calendars.

    For more information about the client credentials flow, check out the link:

    https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-client-creds-grant-flow

    If you find this helpful Kindly accept this answer to close this thread thanks much

    Was this answer helpful?

    0 comments
  2. Andy David - MVP 160.2K Reputation points MVP Volunteer Moderator
    2024-03-21T18:33:22.9066667+00:00

    Was this answer helpful?

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.