Getting 403 forbiddon error while creating Teams Meeting Link

Abhishek Sharma 1 Reputation point
2021-04-21T19:23:50.557+00:00

I am using @azure/msal node module to get token and then create teams meeting link in nodeJS without user intervention using the following graph API endpoint:-
https://graph.microsoft.com/v1.0/users/{userId}/onlineMeetings

Below is my JWT token:-
{
"typ": "JWT",
"nonce": "R3hGCTGPk5fX2HocruYlNj00SM8zazby7TLKSmwwDTg",
"alg": "RS256",
"x5t": "nOo3ZDrODXEK1jKWhXslHR_KXEg",
"kid": "nOo3ZDrODXEK1jKWhXslHR_KXEg"
}.{
"aud": "https://graph.microsoft.com",
"iss": "https://sts.windows.net/487aa7ef-6b12-41b3-9622-af6c9f159a88/",
"iat": 1619029274,
"nbf": 1619029274,
"exp": 1619033174,
"aio": "E2ZgYJjnuPRg4y25RzJFO+c1qi4SAwA=",
"app_displayname": "ScheduleMeeting",
"appid": "399487f8-fd76-468b-920c-f2cc35780c15",
"appidacr": "1",
"idp": "https://sts.windows.net/487aa7ef-6b12-41b3-9622-af6c9f159a88/",
"idtyp": "app",
"oid": "9c45a357-8096-4814-9818-99d41afee819",
"rh": "0.AXEA76d6SBJrs0GWIq9snxWaiPiHlDl2_YtGkgzyzDV4DBVxAAA.",
"roles": [
"TeamSettings.ReadWrite.All",
"TeamMember.Read.All",
"Teamwork.Migrate.All",
"TeamsApp.Read.All",
"OnlineMeetings.ReadWrite.All",
"TeamsApp.ReadWrite.All",
"TeamMember.ReadWrite.All",
"Team.ReadBasic.All",
"TeamSettings.Read.All"
],
"sub": "9c45a357-8096-4814-9818-99d41afee819",
"tenant_region_scope": "AS",
"tid": "487aa7ef-6b12-41b3-9622-af6c9f159a88",
"uti": "-BFe2M9nNU-fc2oLypYDAA",
"ver": "1.0",
"xms_tcdt": 1609298167
}.[Signature]

this is my supported account type:-

90047-screenshot-158.png

these are my permissions:-

90048-screenshot-159.png

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,693 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Diana Wanjuhi 1,376 Reputation points
    2021-04-22T12:04:37.38+00:00

    Hello @Abhishek Sharma from the create Online meeting documentation, there is an additional requirement when using application permissions - your administrator must create an application access policy and grant it to a user, authorizing the app configured in the policy to create an online meeting on behalf of that user (user ID specified in the request path). Please see documentation on configuring an application access policy to access online meetings with application permissions.

    Let me know if this helps and if you have further queries,

    Diana.