Share via

How to get meeting transcript & record content using graph api

Keisuke Ueda 20 Reputation points
2025-05-09T05:54:14.8466667+00:00

I've developed an application that receives change notifications for meeting transcripts and recordings. After receiving these notifications, I'd like to retrieve the meeting transcript and recording.

I've implemented a notification endpoint in my bot application as shown below:

notificationRouter.get("/", async (req, res) => {
  /*
   * Skipped code:
   *  - Get client ID & client secret from environment variables
   *  - Get tenant ID, user ID, meeting ID, and transcript ID from notification body
   */
  const confidentialClient = new msal.ConfidentialClientApplication({
    auth: {
      clientId: clientId,
      clientSecret: clientSecret,
      authority: `https://login.microsoftonline.com/${tenantId}`,
    },
  });
  const tokenResponse = await confidentialClient.acquireTokenByClientCredential(
    {
      scopes: ["https://graph.microsoft.com/.default"],
    }
  );
  const accessToken = tokenResponse.accessToken;
  try {
    const response = await axios.get(
      `https://graph.microsoft.com/v1.0/users/${userId}/onlineMeetings/${meetingId}/transcripts/${transcriptId}`,
      {
        headers: {
          Authorization: `Bearer ${accessToken}`,
          "Content-Type": "application/json",
        },
      }
    );
    res.json(response.data);
  } catch (error) {
    console.error("Error fetching data:", error.response?.data);
    res.status(500).send(error.response?.data || "Internal Server Error");
    return;
  }

However, the API responds with the following error:

Application is not allowed to perform operations on the user 'xxx', neither is allowed access through RSC permission evaluation

Our application appears to have the correct permissions for RSC. The relevant section from our manifest is below:

  "authorization": {
    "permissions": {
      "resourceSpecific": [
        {
          "name": "ChannelMeetingRecording.Read.Group",
          "type": "Application"
        },
        {
          "name": "ChannelMeetingTranscript.Read.Group",
          "type": "Application"
        },
        {
          "name": "OnlineMeetingRecording.Read.Chat",
          "type": "Application"
        },
        {
          "name": "OnlineMeetingTranscript.Read.Chat",
          "type": "Application"
        },
        ...
    ]
  }
}

User's image

How can I fix this issue? References I've consulted the following documentation: https://learn.microsoft.com/en-us/graph/teams-changenotifications-callrecording-and-calltranscript?toc=%2Fmicrosoftteams%2Fplatform%2Ftoc.json&bc=%2Fmicrosoftteams%2Fplatform%2Fbreadcrumb%2Ftoc.json https://learn.microsoft.com/en-us/graph/api/resources/calltranscript?view=graph-rest-1.0&toc=%2Fmicrosoftteams%2Fplatform%2Ftoc.json&bc=%2Fmicrosoftteams%2Fplatform%2Fbreadcrumb%2Ftoc.json

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,687 questions
0 comments
Accepted answer
  1. SrideviM 3,975 Reputation points Microsoft External Staff Moderator
    2025-05-12T10:25:11.8033333+00:00

    Hello Keisuke Ueda,

    I understand you are trying to retrieve the meeting transcript and recording using Microsoft Graph API after receiving change notifications.

    You're calling the endpoint with app-only authentication and encountering an error stating that the application is not allowed to access the user.

    I faced the same error initially when I tried to fetch transcripts without setting up an Application Access Policy:

    User's image

    This happens because, with app-only authentication, Microsoft Graph requires a policy to allow your app to access data on behalf of the meeting organizer.

    Even though your app includes permissions like OnlineMeetingTranscript.Read.Chat, those only work when the app is installed in the Teams chat. They do not apply to calls using the /users/... API path.

    To resolve this, ensure your app has the following Application permissions granted with admin consent in Microsoft Entra ID:

    User's image

    After that, use below PowerShell script to create and assign the Application Access Policy. Make sure to run it while connected to Microsoft Teams using an admin account:

    Install-Module -Name MicrosoftTeams -Force -AllowClobber

Connect-MicrosoftTeams
New-CsApplicationAccessPolicy -Identity "MeetingPolicy" -AppIds "YourAppId"
Grant-CsApplicationAccessPolicy -PolicyName "MeetingPolicy" -Identity "UserObjectId"

    User's image

    Once applied, it may take up to 30 minutes for the policy to take effect. After that, your API call should work if the user in the URL is the meeting organizer and is covered by the policy.

    You can refer to the following Microsoft documentation for more details:

    Let me know if you have any other questions or need any further assistance.

    Hope this helps!

    If this answers your query, do click Accept Answer and Yes for was this answer helpful, which may help members with similar questions.

    User's image

    If you have any other questions or are still experiencing issues, feel free to ask in the "comments" section, and I'd be happy to help.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.