I am working on a project where I need to create events in user's Outlook calendars. The requirement is that job inspection dates should be added to the calendar of relevant users. Additionally, users should have the ability to manually create events on their calendars.
After some research, I've identified two possible approaches for achieving this functionality. Given these two approaches, I am unsure which one will work for my requirements. Additionally, I have questions for both:
1. Delegated permissions:
With this approach, I would utilise the delegated authentication flow, requiring the use of a user's access token to create events in their calendar.
However, I've noticed that these tokens have a relatively short expiration time, usually less than a day. Managing tokens for all users seems impractical.
So, I realise we may need to go with Application permissions.
2. Application permissions:
Having only application's access token managing it will be practicle.
I have app access token with this end point. https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token
But when I try to create event with https://graph.microsoft.com/v1.0/users/${userId}/events
I am getting error as below:
response: {
status: 401,
statusText: 'Unauthorized',
data: {
error: {
code: 'OrganizationFromTenantGuidNotFound',
message: "The tenant for tenant guid 'f8cdef31-xxxxx-5f571e91255a' does not exist.",
innerError: {
oAuthEventOperationId: 'e3f0be2e-xxxxx-a3cabb87741d',
oAuthEventcV: 'CNUKxxoGwp3Jr9+kMI/pZw.1.1.1',
errorUrl: 'https://aka.ms/autherrors#error-InvalidTenant',
requestId: '446a24c5-xxxxx-f592fcef453c',
date: '2024-03-15T05:16:08',
},
},
},
}
I am not sure what am I doing wrong. I am open to any insights, recommendations or clarifications. Thank you for your assistance.