none
Graph API and Planner Tasks RRS feed

  • Question

  • Hello, all.

    Much of this is black juju to me, as I am learning this stuff as I go along, *AND* I am not an admin, so I have to keep going back to the actual admin for our organization with guess-work changes.

    I am trying to get my application to read Planner Tasks for the currently logged in user.

    I initialize the OpenID Authentication with these scopes:
    "openid offline_access profile email https://outlook.office.com/mail.read https://outlook.office.com/tasks.read https://outlook.office.com/calendars.read"

    If I add to or replace the above scopes with "https://graph.microsoft.com/Tasks.Read https://graph.microsoft.com/Group.ReadWrite.All https://graph.microsoft.com/mail.read" I get this exception:
    "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope openid offline_access profile email https://outlook.office.com/mail.read https://outlook.office.com/tasks.read https://outlook.office".com/calendars.readhttps://graph.microsoft.com/Tasks.Read https://graph.microsoft.com/Group.ReadWrite.All https://graph.microsoft.com/mail.read is not valid."

    I assume you cannot mix graph and outlook scopes.

    When requesting an access token to read the users Planner tasks, I use these app scopes in the request:
    "https://graph.microsoft.com/Tasks.Read https://graph.microsoft.com/Group.ReadWrite.All https://graph.microsoft.com/mail.read"

    However, the response says "The user or administrator has not consented to use the application with ID '...'. Send an interactive authorization request for this user and resource"
    and I do not get a token.

    I have tested the application using only "https://graph.microsoft.com/mail.read" as the request scope, and I get an access token with no problem.

    I should also note that I am using this API for the Tasks: "https://graph.microsoft.com/beta/me/tasks"

    These permissions are set in Azure AD for The application:
    APPLICATION PERMISSIONS
    YES Read all hidden memberships
    No Read and write files in all site collections (preview)
    No Read files in all site collections (preview)
    No Read mail in all mailboxes
    No Read and write mail in all mailboxes
    No Send mail as any user
    No Read calendars in all mailboxes
    No Read and write calendars in all mailboxes
    No Read contacts in all mailboxes
    No Read and write contacts in all mailboxes
    YES Read all groups
    YES Read and write all groups
    YES Read directory data
    No Read and write directory data
    No Read and write devices
    No Read all users' full profiles
    No Read and write all users' full profiles
    No Read and write all user mailbox settings (preview)
    No Read all identity risk event information
     
    DELEGATED PERMISSIONS
    YES Read and write user and shared tasks
    YES Read user and shared tasks
    YES Read and write user and shared contacts
    YES Read user and shared contacts
    YES Read and write user and shared calendars
    YES Read user and shared calendars
    YES Send mail on behalf of others
    YES Read and write user and shared mail
    YES Read user and shared mail
    YES Sign in and read user profile
    YES Read and write access to user profile
    YES Read all users' basic profiles
    YES Read all users' full profiles
    No Read and write all users' full profiles
    YES Read all groups
    YES Read and write all groups
    YES Read directory data
    YES Read and write directory data
    YES Access directory as the signed in user
    YES Read user mail
    YES Read and write access to user mail
    YES Send mail as a user
    YES Read user calendars
    YES Have full access to user calendars
    YES Read user contacts
    YES Have full access to user contacts
    YES Read user files
    YES Have full access to user files
    YES Read all files that user can access
    YES Have full access to all files user can access
    YES Have full access to the application's folder
    YES Read and write files that the user selects
    YES Read files that the user selects
    YES Read items in all site collections
    YES Sign users in
    YES Access user's data anytime
    YES Read users' relevant people lists (preview)
    YES Create pages in user notebooks (preview)
    YES Limited notebook access (preview)
    YES Read user notebooks (preview)
    YES Read and write user notebooks (preview)
    YES Read all notebooks that the user can access (preview)
    YES Read and write notebooks that the user can access (preview)
    YES Read user tasks
    YES Create, read, update and delete user tasks and projects (preview)
    YES View users' email address
    YES View users' basic profile
    YES Read and write user mailbox settings (preview)
    YES Read identity risk event information
    Anyone have any observations or solutions to my issue?
    James

    Wednesday, September 21, 2016 3:08 PM

All replies

  • Hi JamesDAlbert,

    This is the forum to discuss questions and feedback for Developing Apps for Office 2013, I'll move your question to the MSDN forum for Office 365 for Developers

    https://social.msdn.microsoft.com/Forums/office/en-US/home?forum=Office365forDevelopers

    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, 
    and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. 

    Thanks for your understanding.
    Thursday, September 22, 2016 7:36 AM