Reputation: 50
I'm trying to develop a web application that is connected to our AD Azure app which allows anyone with a code (specified in our own web application) to start a Teams meeting through the Ms Graph API.
The flow is simple, as follows:
At first I tried using the beta Ms Graph API to use the 'application' permission type, on which the host (in step 1) would create a meeting room in our AD Azure domain. This works; however, referring to the uuid of a user outside of our AD Azure domain isn't allowed or does not seem to work.
I then rewrote the web app to use the 'delegated' permission type. The user using the host code in step 1 is then redirected to Microsoft to log in and is returned to our web app with the correct auth tokens, which we can use with Ms Graph to create the meeting rooms on behalf of the logged-in user.
As far as I know, I configured the corresponding permissions for 'OnlineMeetings.ReadWrite' (or OnlineMeetings.ReadWrite.All, depending on the permission type). Admin consent has been done; I've even set the auth type to 'Accounts in any organizational directory (Any Azure AD directory - Multitenant)', but to no avail.
Both of these solutions seem to be quite limited to only our own AD Azure space/domain, meaning we can't offer a web application that automatically creates a meeting room on behalf of a user and connects users to that same meeting room.
Is there a way to allow the aforementioned?
Upvotes: 0
Views: 243
Reputation: 15754
For your requirement, I summarize two situations below for your reference:
There are two tenants (tenant A and tenant B); your registered app is in tenant A and set as Accounts in any organizational directory (Any Azure AD directory - Multitenant).
1. If you want a user in another AD to create a meeting room in tenant A, it can't be implemented.
2. If you want a user in another AD to create a meeting room in their current tenant (such as tenant B), you can request the token with the id of tenant B in the token request endpoint (like https://login.microsoftonline.com/{id of tenant B}/oauth2/v2.0/token). And in the request body, you should use the client id in tenant A of the registered app. We can just implement the steps by auth code flow, and it will pop up a window asking for login; you need to use an admin account (of tenant B) to do the login the first time (to allow this operation).
Upvotes: 1