
Permission denied (403) when trying to create calendar event

I am trying to integrate with the Office365 API through JavaScript with adal.js and jQuery (OAuth implicit flow), but I am having issues trying to create a calendar event for my user. My existing code works fine when retrieving emails and calendar events, but when I try to create a calendar event, I consistently get a "403 - Forbidden" response.

The code is live and working at http://oauth.idippedut.dk/oauth.html. I am accessing the Office 365 API endpoint at https://outlook.office.com/api/v2.0/me/events .

My configuration for "Delegated permissions" on the app in our Office365/Azure tenant Active Directory is this: (screenshot not preserved)

The configuration for "Application permissions" on the app in our Office365/Azure tenant Active Directory is this: (screenshot not preserved)

The jQuery request is this:

var event = {
    "Subject": "Discuss the Calendar REST API",
    "Body": {
        "ContentType": "HTML",
        "Content": "I think it will meet our requirements!"
    },
    "Start": {
        "DateTime": "2016-01-21T18:00:00",
        "TimeZone": "Pacific Standard Time"
    },
    "End": {
        "DateTime": "2016-01-21T19:00:00",
        "TimeZone": "Pacific Standard Time"
    },
    "Attendees": [
        {
            "EmailAddress": {
                "Address": "[email protected]",
                "Name": "Janet Schorr"
            },
            "Type": "Required"
        }
    ]
};

// Create calendar events
jQuery.ajax({
    type: 'POST',
    url: postCalenderEndpoint,
    data: JSON.stringify(event),
    contentType: "application/json",
    headers: {
        'Accept': 'application/json',
        'Authorization': 'Bearer ' + token,
    },

}).done(function (data) {
    //alert(JSON.stringify(data));
}).fail(function (err) {
    jQuery("#loginMessage").text('Error calling REST endpoint: ' + err.statusText + '\n' + err.responseText);
});

The configuration of jQuery is this:

var resource = 'https://outlook.office.com';
var postCalenderEndpoint = 'https://outlook.office.com/api/v2.0/me/events';
var clientID = '28a707a5-0f11-4d93-8b88-6a918544da14';
var tenantName = '365projectum.onmicrosoft.com';
var authContext = new AuthenticationContext({
    instance: 'https://login.microsoftonline.com/',
    tenant: tenantName,
    clientId: clientID,
    postLogoutRedirectUri: window.location.origin,
    cacheLocation: 'localStorage'
});

And the resulting HTTP-request is this:

Host: outlook.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Authorization: Bearer <my token>
Referer: http://oauth.idippedut.dk/oauth.html
Content-Length: 386
Origin: http://oauth.idippedut.dk
Connection: keep-alive

{"Subject":"Discuss the Calendar REST API","Body":{"ContentType":"HTML","Content":"I think it will meet our requirements!"},"Start":{"DateTime":"2016-01-21T18:00:00","TimeZone":"Pacific Standard Time"},"End":{"DateTime":"2016-01-21T19:00:00","TimeZone":"Pacific Standard Time"},"Attendees":[{"EmailAddress":{"Address":"[email protected]","Name":"Janet Schorr"},"Type":"Required"}]}

I am really puzzled as to why I get the 403, since everything should be set up correctly.

Any help will be greatly appreciated :-)

/Jesper

Jesper Lund Stocholm asked Oct 18 '22 17:10


2 Answers

You configured delegated permissions for Microsoft Graph, but call the Outlook endpoint. You need to do either of the following:

1. Change your app configuration to have delegated permissions for Outlook/Office 365 Exchange Online.
2. Change your app to use the Microsoft Graph endpoint (graph.microsoft.com), i.e. https://graph.microsoft.com/v1.0/me/events, and keep the current app configuration.

Marek Rycharski answered Oct 21 '22 07:10


Try "https://graph.microsoft.com" as the resource to get the (right) token.

Best regards,

AJ

AJRames answered Oct 21 '22 08:10
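
Both answers come down to the access token not matching the endpoint it is sent to. The following is an added example, not code from the original posts: it decodes a token's payload (no signature verification, diagnosis only) and compares the `aud` and `scp` claims with the endpoint and the permission a call needs. The function names, the `Calendars.ReadWrite` scope string and the sample tokens in the test are assumptions constructed for illustration.

```javascript
// Added diagnostic example: inspect an access token's claims before calling an API.
// Decoding only; this does NOT validate the signature and must not be used for authorization.

function b64urlDecode(s) {
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  return typeof atob === 'function'
    ? atob(padded)                                      // browser
    : Buffer.from(padded, 'base64').toString('binary'); // Node.js
}

function decodeClaims(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a JWT (expected 3 segments)');
  return JSON.parse(b64urlDecode(parts[1]));
}

// Returns a list of reasons the API is likely to refuse this token (empty = looks fine).
function checkTokenForEndpoint(token, endpoint, requiredScope) {
  const claims = decodeClaims(token);
  const endpointHost = new URL(endpoint).host;
  const problems = [];
  let audHost = null;
  try { audHost = new URL(claims.aud).host; } catch (e) { /* aud can be an app ID, not a URL */ }
  if (audHost === null) {
    problems.push('aud "' + claims.aud + '" is not a URL; compare it with the resource by hand');
  } else if (audHost !== endpointHost) {
    problems.push('aud ' + audHost + ' does not match endpoint host ' + endpointHost);
  }
  // Delegated permissions arrive as a space-separated list in the scp claim.
  const scopes = (claims.scp || '').split(' ').filter(Boolean);
  if (!scopes.includes(requiredScope)) {
    problems.push('scp lacks ' + requiredScope + ' (has: ' + (scopes.join(' ') || 'none') + ')');
  }
  return problems;
}

// Node-only helper that builds an unsigned, constructed sample token for testing the check.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return enc({ alg: 'none', typ: 'JWT' }) + '.' + enc(claims) + '.sig';
}
```

A token whose `scp` only lists read scopes explains why reads succeed while the POST is refused, and an `aud` for the other API explains a token that is rejected outright.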