One suggestion is to remove the cal perms you have and re-add:
Get user Calendar (403 ErrorAccessDenied)
Dear,
I created an application in Azure portal and followed all steps that allows to create an event on a user calendar. All passed smoothly on a test account but when on my customer account, I have an error
Status code = 403
{
"error": {
"code": "ErrorAccessDenied",
"message": "Access is denied. Check credentials and try again."
}
}
every time I try to create an event on a user's calendar or get a user's calendar.
I decoded my access token, please find attached the scope (configured permission). can you please help ?
{ "typ": "JWT", "nonce": "ZWt7ksXVF1U_GCZM0b9ogt1SqqkL161_OYyQ18YyBEg", "alg": "RS256", "x5t": "XRvko8P7A3UaWSnU7bM9nT0MjhA", "kid": "XRvko8P7A3UaWSnU7bM9nT0MjhA" }.{ "aud": "https://graph.microsoft.com", "iss": "https://sts.windows.net/6f675a32-e4ca-405c-bcd1-23782f0824a6/", "iat": 1711043672, "nbf": 1711043672, "exp": 1711048685, "acct": 0, "acr": "1", "aio": "AVQAq/8WAAAAgY+TdubnBnNW+kse2wwerpbordCO2RkU74PG/lM0D0aGkOCMPORvZbL5TI9lS7+gO5oQXRfjdNWRXmP7ZoAiduYsEbc/KP36zLxz7V2w9ZM=", "amr": [ "pwd", "mfa" ], "app_displayname": "Supported account types", "appid": "b61428b1-58d1-474d-9ef9-92eba0409ee1", "appidacr": "1", "given_name": "Confirmation RDV Medical", "idtyp": "user", "ipaddr": "104.156.77.218", "name": "Confirmation RDV Medical", "oid": "a3f7df3c-854b-4e92-990d-2776c75e5533", "onprem_sid": "S-1-5-21-3831099316-2695669196-711433458-7451", "platf": "3", "puid": "100320031B2625BC", "rh": "0.AUYAMlpnb8rkXEC80SN4LwgkpgMAAAAAAAAAwAAAAAAAAADxANo.", "scp": "Calendars.Read Calendars.ReadWrite Group.ReadWrite.All User.Read User.Read.All profile openid email", "sub": "WI3weZexwb-w0AswMDKlPTZgNfEEmLA_iB8ENNT7ybo", "tenant_region_scope": "NA", "tid": "6f675a32-e4ca-405c-bcd1-23782f0824a6", "unique_name": "Confirmationrdvmedical@cliniqueovo.com", "upn": "Confirmationrdvmedical@cliniqueovo.com", "uti": "hqtdtlIctkS7hrad9lBaAA", "ver": "1.0", "wids": [ "b79fbf4d-3ef9-4689-8143-76b194e85509" ], "xms_st": { "sub": "PO4v69AveUA4pMS0g6c3ORnp0AxafgSZlnlIkFiFUb8" }, "xms_tcdt": 1579189383 }.[Signature]
2 answers
Sort by: Most helpful
-
-
Yakun Huang 85 Reputation points
2024-03-25T09:30:47.47+00:00 Hey there Marwan Geagea
This 403 error occurs because delegated permissions are used to access another user's calendar, but you need to know that delegated permissions can only be used to access the logged-in user's own calendar. If you need to access another user's calendar, please add the Calendars.Read application permission, and then use the client credentials flow to get an access token, and then you can use this token to get the other user's calendars.
For more information about the client credentials flow, check out the link:
https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-client-creds-grant-flow
If you find this helpful Kindly accept this answer to close this thread thanks much