Allowing calendar graph access through API but not with outlook client

Copper Contributor

Hello everyone, hope I can find an answer to our issue.

We have an app configured on azure to allow members of our organization to edit a shared calendar through API. This works fine.

The issue is that giving the users edit access also adds the calendar to their outlook client which sometimes causes an issue when they accidentally create a personal event in the shared calendar instead in their own private personal calendar.

Ideally to rectify this from happening I'd like to allow them only edit access to that calendar through the API but not through their outlook client.

Any ideas on how to do this?

Thanks

5 Replies
Which API are you using and what kind of permissions have been granted?

@Vasil Michev 
I'm running API calls like PATCH https://graph.microsoft.com/v1.0/me/calendars/[outlook_calendar_id]/events/[event_id] to update an event.

The users get edit access to that calendar.

 

 

So you're using the Graph API, in the delegate permissions model? That does require that the users have been granted access to the shared calendar, and depending on how you do that, it might cause the Calendar to appear in Outlook.
Have you considered using application permissions instead?

@Vasil Michev 

Thank you so much for your reply.
I was using the delegate model until now, but I see that the application permission model is what I need.

The question I have now is how I would set it up on the platform I am using. For the delegate permission model I used Oauth2 User-Agent flow. These are the options I havללא שם.pnge: