MS Graph: New event in Outlook calendar using application permissions

Question

We used to create events in the calendar »delegated« application; that works.
But we have problems with the authentication – it's not useful for the workflow, therefore we changed the MS Graph application type from »delegated« to »application« permissions.

To test this changes we try to use MS Graph Explorer, but we don't how to do, because we are confuses with all the IDs.

With the previous version –with »delegated« application– we did first the authentication and than this to create the event:

POST https://graph.microsoft.com/v1.0/me/calendars/{calendar-id}**/events

How do we now the authentication or how we have to create the event with »application« permissions?
Can we send the post above and just replace the »me«?
Is the »me« than »user (ID)«, »application (ID)« or have we still to use the »Tenant-ID«.
All the MS Graph Explorer examples uses »me«.

Have you any hint how we can test or just how to do this with the »application permission«?

We still only want to post an event.

We posted a previous question:
https://learn.microsoft.com/en-us/answers/questions/5610251/ms-graph-new-event-in-outlook-calendar-using-one-o?comment=question#comment-2347117

Answer 1

Hello Klaus Schweinzer,

When you switch to application permissions, the behavior changes because there is no signed-in user. That means the /me endpoint will not work. Instead, you need to target the specific user’s calendar by using their user object ID (GUID) or email (UPN), for example:

POST https://graph.microsoft.com/v1.0/users/{user-id-or-email}/calendars/{calendar-id}/events

To authenticate, you’ll need an app-only token using the client credentials flow. You can get this in Postman:

POST https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token

grant_type: client_credentials
client_id: {app-id}
client_secret: {secret}
scope: https://graph.microsoft.com/.default

Use this returned access_token for creating calendar event request like this:

POST https://graph.microsoft.com/v1.0/users/{user-id-or-email}/calendars/{calendar-id}/events

{
  "subject": "Test Event",
  "body": {
      "contentType": "HTML",
      "content": "Event created with app permissions"
  },
  "start": {
      "dateTime": "2025-11-21T10:00:00",
      "timeZone": "Pacific Standard Time"
  },
  "end": {
      "dateTime": "2025-11-21T11:00:00",
      "timeZone": "Pacific Standard Time"
  }
}

Make sure your app has Calendars.ReadWrite (Application) permissions with admin consent.

Important note: This works only for work/school (Microsoft 365) accounts. App-only calls cannot create events in personal Outlook.com mailboxes, as those require a signed-in user.

Graph Explorer cannot be used for app-only scenarios, since it only works with delegated permissions. Postman or your own script is the right tool for testing app-only calls.

Hope this helps! Let us know if any further queries.

---

If this answers your query, do click Accept Answer and Yes for was this answer helpful, which may help members with similar questions.