I'm creating an application in with angular and nodejs and I need to be able to read another user's list of events. Right now I am attempting to use "https://graph.microsoft.com/v1.0/users/otherusername@companyurl.com/events" this gives me the 403 "Access is denied. Check credentials and try again.". However, if I use "https://graph.microsoft.com/v1.0/users/myusername@companyurl.com/events" it works(as most would expect). My question is, why is it when I use outlook I can use scheduling assistant to see the events for "otherusername@companyurl.com" without being an admin but in my application I cannot see their events due to credentials?

The library I'm using to connect to microsoft graph api is https://github.com/AzureAD/azure-activedirectory-library-for-js

The delegated permissions I have set in azure are

• View users' email address
• Sign users in
• Read user contacts
• Have full access to user calendars
• Read user calendars
• Send mail as a user
• Read directory data
• Read all users' basic profiles
• Sign in and read user profile

Application permissions (I understand these require admin)

• Read calendars in all mailboxes

Graph api permission scopes

Any help is appreciated, thankyou.

Fugal - This is by design. You can use FindMeetingTimes API to schedule meetings with other users. This can be accomplished with just Calendar.Read permission. See http://graph.microsoft.io/en-us/docs/api-reference/beta/api/user_findmeetingtimes for more info.

For you to view another user's calendar using /events endpoint, you need a special permission (something like Calendar.Read.Shared) that we are still in the process of adding. Once we add that, you will be able to use /Events to access any calendar that another user has explicitly shared with you. But if you want to just schedule meetings, FindMeetingTimes should be sufficient.