Cannot create online meeting with Enterprise Application #2369
Description
Describe the bug
We're unable to create an online meeting using the Microsoft Graph SDK with a service principal. We're following the application permissions flow (not delegated) and calling the Graph API with the correct scopes and payload, but the request fails withthe follwing error
com.microsoft.graph.models.odataerrors.ODataError: No application access policy found for this app.
Expected behavior
Online meeting created
How to reproduce
- Added deps
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-identity</artifactId>
<version>1.15.4</version>
</dependency>
<dependency>
<groupId>com.microsoft.graph</groupId>
<artifactId>microsoft-graph</artifactId>
<version>6.36.0</version>
</dependency>
- Created an Enterprise Application and corresponding Service Principal.
- Granted all required application permissions, including:
OnlineMeetings.ReadWrite.AllUser.Read.AllCalendars.ReadWrite- All permissions have been admin-consented.
- Created a mail-enabled security group and added all relevant users to it.
- Used the following code to try to create an online meeting:
@Override
public Event createCall(CallDTO callData) throws TechnicalUserIsNullException {
try {
GraphServiceClient graphClient = accessTokenGenerationService.getGraphServiceClient();
User organizerUser = accessTokenGenerationService.getTechnicalUser();
// 2.Create online meeting
OnlineMeeting meeting = createOnlineMeeting(callData, graphClient);
OnlineMeeting createdMeeting = graphClient.users()
.byUserId(organizerUser.getId())
.onlineMeetings()
.post(meeting);
} catch (ODataError error) {
log.error("Error calling Microsoft Graph API: {} - {} - {}", error.getError().getCode(), error.getError().getMessage(), error.getError().getTarget());
log.error("Error calling Microsoft Graph API Inner clientRequestId: {} - requestId: {} - OdataType: {}", error.getError().getInnerError().getClientRequestId(), error.getError().getInnerError().getRequestId(), error.getError().getInnerError().getOdataType());
throw error;
} catch (Exception ex) {
log.error("Error creating Teams call: {}", ex.getLocalizedMessage(), ex);
throw ex;
}
}
private OnlineMeeting createOnlineMeeting(CallDTO callData, GraphServiceClient graphClient) {
OnlineMeeting meeting = new OnlineMeeting();
meeting.setStartDateTime(OffsetDateTime.of(callData.from(), ZoneOffset.UTC));
meeting.setEndDateTime(OffsetDateTime.of(callData.to(), ZoneOffset.UTC));
meeting.setSubject(callData.title());
meeting.setParticipants(buildMeetingParticipants(callData.organizerEmail(), callData.otherParticipants(), graphClient));
meeting.setAllowedLobbyAdmitters(AllowedLobbyAdmitterRoles.OrganizerAndCoOrganizersAndPresenters);
meeting.setRecordAutomatically(callData.recordCall());
return meeting;
}
private MeetingParticipants buildMeetingParticipants(String organizer, List<String> otherParticipants, GraphServiceClient graphClient) {
MeetingParticipants participants = new MeetingParticipants();
participants.setOrganizer(createMeetingParticipantInfo(organizer, graphClient, true));
participants.setAttendees(otherParticipants.stream()
.map(email -> createMeetingParticipantInfo(email, graphClient, false))
.toList());
return participants;
}Then i created the application policy using powershell on portal azure
Install-Module ExchangeOnlineManagement
Connect-ExchangeOnline
New-ApplicationAccessPolicy `
-AppId 41874eeb-9f6f-45b6-bb20-becdcb0d461e `
-PolicyScopeGroupId [email protected] `
-AccessRight RestrictAccess `
-Description "A sample description"
SDK Version
6.36.0
Latest version known to work for scenario above?
No response
Known Workarounds
No response
Debug output
Click to expand log
```</details>
### Configuration
_No response_
### Other information
_No response_