Share via

Why am i getting access denied error when i try to access calender of other users in my organization

Saira Munir 125 Reputation points
2024-10-03T09:21:11.3333333+00:00

Hi,

I am getting access denied error , when i access calender of users in my organization . My user account has got full admin access. Then why am i getting this error. I have already activated user consent for

Calenders.ReadBasic & Calenders.Read.

Please check the screenshot and let me know what other access is required

Screenshot 2024-10-03 045536.png

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
5,770 questions
Microsoft Teams
Microsoft Teams
A Microsoft customizable chat-based workspace.
10,894 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
13,487 questions
Microsoft Entra
Microsoft Entra
A group of Microsoft multicloud identity and access solutions.
2,551 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,195 questions
0 comments
Accepted answer
  1. Rohit Raghuwanshi - MSFT 625 Reputation points Microsoft External Staff
    2024-10-03T10:41:26.7466667+00:00

    Hi Saira Munir,

    Thank you reaching out, Microsoft!

    The “Access Denied” error you are encountering is likely due to the type of permissions being used. In Graph Explorer, Calendars.ReadBasic and Calendars.Read are delegated permissions, which require the user to be signed in and consent to these permissions. However, to access other users’ calendars, you need to use application permissions instead of delegated permissions.

    Solution Steps:

    Register an Application in Azure AD:

    • Go to the Azure portal and navigate to Azure Active Directory > App registrations > New registration.
    • Enter a name for your application and click Register.

    Configure API Permissions:

    After registering the application, go to API permissions > Add a permission.

    Select Microsoft Graph > Application permissions.

    Add the required permissions such as Calendars.Read or Calendars.ReadWrite.

    Grant Admin Consent:

    Once the permissions are added, click on Grant admin consent for [Your Organization] to grant the necessary permissions.

    Generate a Client Secret:

    Go to Certificates & secrets > New client secret.

    Add a description and set an expiration period, then click Add.

    Copy the client secret value and store it securely.

    Use the Application to Access Calendars:

    • Use the client ID, tenant ID, and client secret to authenticate your application.
    • Make API calls using the application permissions to access user calendars.

    Please refer the below documents for more information:

    https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http
    https://learn.microsoft.com/en-us/graph/auth-register-app-v2

    For testing application permission, you can use Postman with Graph. Please refer below doc for more details: https://learn.microsoft.com/en-us/graph/use-postman

    If my answer is helpful to this question, please remember to "Accept as answer" to close this case and this will help people in this forum who have similar questions to yours find the answer easier.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.