Create event in outlook calendar using Azure AD, getting 401 unauthorized while impersonate to access others calendar.

Sathish Bonifash 1 Reputation point
2020-09-04T03:29:24.38+00:00

Dear Experts,

We have scheduler application to create/update calendar events, now we are migrating Modern Authentication. we have registered in Azure and validate token. after token validated, we are impersonate to create/update calendar event, but it shown 401 Unauthorized errors while use the Findfolders method.

try
{
// Make the interactive token request
result = await app.AcquireTokenForClient(ewsScopes)
.ExecuteAsync(); 

            // Configure the ExchangeService with the access token  
            var ewsClient = new ExchangeService();  
            ewsClient.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx");  
            ewsClient.Credentials = new OAuthCredentials(result.AccessToken);  



            //Impersonate the mailbox you'd like to access.  
            //ewsClient.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, "admin@xxxx.onmicrosoft.com");  
            ewsClient.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, "admin@xxxx.onmicrosoft.com");  

            //Include x-anchormailbox header  
            ewsClient.HttpHeaders.Add("X-AnchorMailbox", "admin@toyotaap.onmicrosoft.com");  

            
            // Make an EWS call  
            **var folders = ewsClient.FindFolders(WellKnownFolderName.MsgFolderRoot, new FolderView(10));**  
            foreach (var folder in folders)  
            {  
                Console.WriteLine($"Folder: {folder.DisplayName}");  
            }  
        }

From above code the given line got 401 error.

var folders = ewsClient.FindFolders(WellKnownFolderName.MsgFolderRoot, new FolderView(10));

Azure Permission for reference.
22681-image.png

Please help to give me idea to resolve this issue.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,664 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. soumi-MSFT 11,716 Reputation points Microsoft Employee
    2020-09-07T05:24:51.217+00:00

    @Sathish Bonifash , I guess, here you need to use the Microsoft Graph API to create the User's outlook calendar. You can use the following doc to get more understanding on the API, https://learn.microsoft.com/en-us/graph/api/calendar-post-events?view=graph-rest-1.0&tabs=http

    Also, would like to state that when you use this API, you would have to fetch a token from AAD as a user, and only that user can use that token to create a calendar for himself/herself.

    In the case of shared calendars only, someone else can create a calendar event for someone else.

    Hope this helps.

    Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

    1 person found this answer helpful.