In Azure Active Directory I've registered a new app and given it the Read and create online meetings
permissions. I've granted admin consent for the permission and now I'm trying to create a meeting through the command line.
I generated a client secret for the app.
Then I'm requesting a access token using my tenant GUID, client ID of the app and client secret I generated. This gives me back a jwt. When I decode the JWT amongst the roles I can see "OnlineMeetings.ReadWrite.All"
which gives me hope that I can actually create meetings using this bearer token.
I then send a POST request to https://graph.microsoft.com/v1.0/users/<my-user-guid>/onlineMeetings
with the following body:
{
"startDateTime":"2021-03-16T14:33:30.8546353-07:00",
"endDateTime":"2021-03-16T15:03:30.8566356-07:00",
"subject":"Application Token Meeting",
"participants": {
"organizer": {
"identity": {
"user": {
"id": "<my-user-guid>"
}
}
}
}
}
and the response comes back with
"code": "Forbidden",
"message": "Application does not have permission to Create online meeting on behalf of this user.",
Am I missing something?
Edit:
I've looked at the access policies, which I didn't configure initially. However I'm stuck here. The documentation first requires me to connect to Skype for Business via PowerShell. Going through the steps I'm running into problems trying to run this command Connect-Microsoft Teams -Credential $userCredential
(I'm running this in the PowerShell console in the azure portal, not locally).
When I use the credentials of my personal Microsoft account I get the following error:
accessing_ws_metadata_exchange_failed: Accessing WS metadata exchange failed: Response status code does not indicate success: 406 (NotAcceptable).
Maybe this is because I'm using my personal account, which isn't a work/school account (although I'm not entirely sure what it means to be a work account)
So I tried it again after I created a new account in the Azure Active Directory page.
This gives me the following:
password_required_for_managed_user: Password is required for managed user
So I'm not sure how to progress now. I'm probably doing something wrong because I don't fully understand the ecosystem and what all the moving parts are