读取其他用户时拒绝Microsoft Graph API 403访问 [英] Microsoft Graph api 403 access denied when reading other users
问题描述
我正在使用angular和nodejs创建一个应用程序,我需要能够读取其他用户的事件列表.现在,我正在尝试使用" https://graph.microsoft .com/v1.0/users/otherusername @ companyurl.com/events ",这使我得到403访问被拒绝.请检查凭据,然后重试.".但是,如果我使用" https://graph.microsoft.com /v1.0/users/myusername@companyurl.com/events "(大多数人都希望这样做).我的问题是,为什么当我使用Outlook时,我可以不用管理员而可以使用调度助手查看"otherusername@companyurl.com"的事件,但是在我的应用程序中由于凭据而看不到它们的事件?
I'm creating an application in with angular and nodejs and I need to be able to read another user's list of events. Right now I am attempting to use "https://graph.microsoft.com/v1.0/users/otherusername@companyurl.com/events" this gives me the 403 "Access is denied. Check credentials and try again.". However, if I use "https://graph.microsoft.com/v1.0/users/myusername@companyurl.com/events" it works(as most would expect). My question is, why is it when I use outlook I can use scheduling assistant to see the events for "otherusername@companyurl.com" without being an admin but in my application I cannot see their events due to credentials?
我用于连接到Microsoft图形API的库为 https://github.com/AzureAD/azure-activedirectory-library-for-js
The library I'm using to connect to microsoft graph api is https://github.com/AzureAD/azure-activedirectory-library-for-js
我在天蓝色中设置的委托权限是
The delegated permissions I have set in azure are
- 查看用户的电子邮件地址
- 登录用户
- 阅读用户联系人
- 具有对用户日历的完全访问权限
- 阅读用户日历
- 以用户身份发送邮件
- 读取目录数据
- 阅读所有用户的基本个人资料
- 登录并阅读用户个人资料
应用程序权限(我理解这些权限需要管理员)
Application permissions (I understand these require admin)
- 阅读所有邮箱中的日历
感谢您的帮助,谢谢.
推荐答案
Fugal-这是设计使然.您可以使用FindMeetingTimes API安排与其他用户的会议.只需使用Calendar.Read权限即可完成此操作.请参见 http://graph.microsoft.io/zh-我们/docs/api-reference/beta/api/user_findmeetingtimes 了解更多信息.
Fugal - This is by design. You can use FindMeetingTimes API to schedule meetings with other users. This can be accomplished with just Calendar.Read permission. See http://graph.microsoft.io/en-us/docs/api-reference/beta/api/user_findmeetingtimes for more info.
为使用/events端点查看其他用户的日历,您需要一个特殊的权限(例如Calendar.Read.Shared),而我们仍在添加过程中.添加之后,您将可以使用/Events访问其他用户明确与您共享的任何日历.但是,如果您只想安排会议,FindMeetingTimes应该就足够了.
For you to view another user's calendar using /events endpoint, you need a special permission (something like Calendar.Read.Shared) that we are still in the process of adding. Once we add that, you will be able to use /Events to access any calendar that another user has explicitly shared with you. But if you want to just schedule meetings, FindMeetingTimes should be sufficient.
这篇关于读取其他用户时拒绝Microsoft Graph API 403访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
