Find recurring meetings that have ended with Microsoft Graph

Calendar with date circled

When I joined the Microsoft Graph team I set up recurring 1:1 meetings with each of my teammates and a number of people from other teams within our group. As luck would have it those meetings defaulted to have an end date ~1 year from when the series was created.

As you might guess, I forgot to extend some of those meetings and then after they reached their end date I had to go through my calendar to find which ones were impacted and extend them.

The below query is intended to find all recurring meetings on your Exchange Online calendar. It is not a complete solution as I haven’t figured out the exact syntax for recurrence property with an end date in the past. Hopefully someone finds this useful and if you have enhancements to help with filtering please feel free to share in the comments.

Click here to try this out in Graph Explorer

Ex. query

https://graph.microsoft.com/v1.0/me/events?$filter=type eq 'seriesMaster'&$select=id,subject,recurrence

Note that type = ‘seriesMaster’ will only find the series and not individual meeting instances which may have exceptions from the original recurrence pattern.

-Frog Out

What are you working on? (share early and often)

Hands working on clay project

I’ve always enjoyed “Show and Tell Fridays”, “Brown bag sessions” (i.e. bring your lunch and a presenter shares about a topic), and hackathons to see what cool things my peers are working on. Not only do I get to see / hear interesting projects and solutions they are building, it also sparks creativity in me to work on my own projects.

During our September 2022 company-wide hackathon I had the opportunity to collaborate with folks from multiple areas of Microsoft (Teams, Outlook, .Net Interactive, M365 Profile, and more) on interesting projects. What was really interesting to me is that 2 of these projects started via tweets on Twitter. A random message from myself was picked up by one engineering team for 1 project and a thread from a peer about “wouldn’t it be cool if…” started another project.

Ultimately, I highly recommend that you take the time to share early and share often your ideas, interests, side projects, and more. You never know how that may lead you and your peers to build the next innovative product / feature / etc.

For those interested, here is a link to one of the hackathon projects I worked on for a “Microsoft Graph extension for .Net Interactive”. For those unfamiliar, .Net Interactive Notebooks allow you to mix text (Markdown) and runnable code snippets (multiple languages supported) in a notebook style format. This custom extension allows authenticating to Microsoft Graph via 3 different authentication flows (possibly more to come) and run Microsoft Graph SDK queries easily.

I’ll be sharing more about this on my blog, M365 platform community call, and a few other places as it continues to develop. For now follow / star / fork / etc. the GitHub repo for more updates.

Microsoft Graph extension for .NET Interactive Notebooks
https://github.com/microsoftgraph/msgraph-dotnet-interactive-extension

-Frog Out

Microsoft Graph team on the Hello World show

Last week, a number of my fellow teammates (Darrel Miller, Fabian Williams, Sebastian Levert, Beth Pan, Vincent Biret, and Walkdek Mastykarz) from the Microsoft Graph team joined the Hello World show for a special episode. We covered a number of great topics like getting started with Microsoft Graph, using Microsoft Graph Toolkit, and learning about SDK support. Check out the recording or jump to specific segments of the show!

Generic Image

Hello World: Microsoft Graph (recorded 2021-09-16)

Generic Image

-Frog Out

What I’m Working On – March 2021

It has been a couple months since I last posted here, so sharing an update on things I’ve been working on the past few months.

Microsoft Graph connectors

Starting in December 2020 I’ve taken on the role of subject matter expert (SME) for Graph connectors on my team. For those not aware, Graph connectors allow customers and partners to ingest external data (outside of Microsoft 365) into Microsoft Graph so that that data can participate in Microsoft 365 experiences such as search, intelligent discovery, eDiscovery, and more. The end goal is to increase discoverability and drive engagement to that content no matter where a user may be.

I’ve been working very closely with a number of customers and partners to get them started developing connectors and support their efforts as it relates to a few other larger picture integrations. This will continue to be one of my main focus areas going forward. If you’d like to get started with Graph connectors take a look at the developer documentation or try out the Postman collection.

Developer Documentation
https://aka.ms/graphconnectorsapi

Graph Connectors Postman Collection
https://aka.ms/graphconnectorspostman

Personally I’m looking forward to the future of Graph connectors and seeing how our customers and partners leverage them in their own environments.

Microsoft Graph Mailbag blog series

In December 2020 myself and a handful of other folks at Microsoft started the Microsoft Graph Mailbag blog series. This is a twice a month (2nd and 4th Tuesday) opportunity to share lessons learned, interesting solutions, or additional highlight of announcements related to Microsoft Graph. So far a variety of authors have published on topics ranging from Microsoft Graph Toolkit to Graph Explorer to Azure Functions + Microsoft Graph and beyond.

Ever since leading the 30 Days of Microsoft Graph blog series back in 2018 I’ve enjoyed establishing a platform for other people to share their knowledge more broadly. We have a few upcoming posts that I’m particularly interested in sharing out publicly.

On a related note, I recently recorded a podcast with Jeremy Thake and Paul Schaeflein on the Microsoft 365 Developer Podcast where we discussed the Microsoft Graph Mailbag blog series, our Graph CPx team, and more. Look for that episode to release within the next week or so.

Onboarding Graph CPx Team Members

As mentioned in my post “A New Role with Microsoft Graph Team” last May, I’ve taken a new role at Microsoft on the Microsoft Graph Customer and Partner Experience (CPx) team. This team was started from scratch with myself and my manager Jeremy Thake. Over the past ~year we have onboarded Fabian Williams, Sébastien Levert, and Nik Charlebois. Additionally Gladys Alvarez has joined us as a LEAP apprentice for ~3 months to work on a special project. We have 1 more person planned to onboard in April and another open position (at the time of writing, see link below).

Senior CPX Program Manager
https://careers.microsoft.com/us/en/job/1009801/Senior-CPX-Program-Manager

Each week I spend time ensuring everyone is adjusting to Microsoft / our team as best as possible. This includes formalizing / standardizing processes, 1:1 chats, team retrospectives, etc. Additionally we’ve shared out responsibilities for hosting the Microsoft Graph community call (1st Tues of each month at 9am PT) and other regular activities on our team. Overall this has been a rewarding experience to start on a new team and help establish / build out what we are capable of delivering.

Reading Books

Image by Lubos Houska from Pixabay

If you’ve known my reading habits in the past then you’ll know that I generally didn’t get (or more accurately “make”) much time to read books except during time off from work (summer vacation or time off in December). At those times I would plunge into a book or two and read through them in a few days.

In the past year though I’ve gotten a number of recommendations for business, finance, and other genres of books. The strong majority of these books have been immensely helpful for my day-to-day work, personal / family planning, and more. I set a goal for myself in 2021 to read at least 2 books by the end of the year. March is not even over and I’m already on my 4th book for the year… so I guess you could say the pace of reading (and on a more regular basis) has picked up.

If you’re interested in seeing which books I’ve been reading lately you can take a look at my Good Reads list. I try to keep it updated on a weekly basis. If you have any recommendations please share in the comments or via Good Reads.

https://www.goodreads.com/briantjackett

Conclusion

Today’s post was not a technical one. More for me to share out things that have been keeping me busy the past few months. Hopefully you are doing well and I’ll see you around online.

-Frog Out

Presenting at Collab365 GlobalCon3

I have the privilege of presenting “Introduction to Microsoft Graph Development” at the upcoming Collab365 GlobalCon3 taking place Sept 8-11, 2020.  This is a free online conference with MVPs and experts from around the world presenting on developer, IT Pro, and adoption topics.

Title: Introduction to Microsoft Graph Development

Abstract: “I hear that I need to use Microsoft Graph for developing against Office 365 but I have no clue where to start.” “I want to grant access to company data without throwing in the entire kitchen sink.” Fear not fellow developers and admins. This session we will ramp you up to a 200 level knowledge on the pertinent parts of Microsoft Graph including endpoints available, syntax, authentication flows, and more. We will also cover useful examples of what can be accomplished using these APIs. Prior experience with Microsoft Graph is not required but can be helpful.

You can also purchase an all-access pass which includes lifetime access to the videos, additional e-books, and more.  Looking forward to participating in this great event.

Calling Microsoft Graph Endpoint with Delegated Implicit Authentication Does Not Include Azure AD Roles

Recently I was working with a Microsoft Graph partner and ran into an interesting scenario around calling Microsoft Graph endpoints from SharePoint Framework (SPFx) web parts using delegated permissions that I want to share.

Scenario

The partner was building a SPFx web part that was making calls to Microsoft Graph using the MSGraphClient. While making calls to specific endpoints on Microsoft Graph they were receiving a 403 Forbidden error response. We checked the permissions granted and consented and everything appeared in order.

403 Forbidden error screenshot.

Digging deeper into the MSGraphClient implementation I found that it uses an ImplicitMSALAuthenticationProvider for acquiring the authentication token. Implicit authentication is important to keep in mind in this scenario.

Use the MSGraphClient to connect to Microsoft Graph https://docs.microsoft.com/en-us/sharepoint/dev/spfx/use-msgraph

Microsoft Graph JavaScript Client Library – Authenticate for the Microsoft Graph service https://www.npmjs.com/package/@microsoft/microsoft-graph-client#2-authenticate-for-the-microsoft-graph-service

I used https://jwt.ms (provided by the Microsoft Identity Platform team) to decode a sample token from the partner and then again to decode an access token I had acquired in my lab environment. I noticed that the partner’s access token did not have the “wids” claim while my lab access token did have that claim.

Thanks to a contact in O365 software engineering who was able to confirm that the “wids” claim contains the tenant-wide roles assigned to the user. As noted in the documentation implicit authentication flows may not return the “wids” claim due to token length concerns.

Screenshot of documentation on "wids" claim.  Highlight that this claim might not be returned for implicit authentication flow.

Microsoft identity platform access tokens – payload claims

https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens#payload-claims

Looking at one of the Microsoft Graph endpoints that the partner was calling (getOffice365GroupsActivityDetail) we found the below note explaining that when using delegated permissions (which the partner was using) the user context must also be assigned to an appropriate Azure AD limited administrator role.

Note: For delegated permissions to allow apps to read service usage reports on behalf of a user, the tenant administrator must have assigned the user the appropriate Azure AD limited administrator role. For more details, see Authorization for APIs to read Microsoft 365 usage reports.

https://docs.microsoft.com/en-us/graph/api/reportroot-getoffice365groupsactivitydetail?view=graph-rest-1.0#permissions

Putting the pieces together, the query was failing an authentication check because the access token passed to the endpoint did not have the necessary claim containing the assigned Azure AD roles. Hence the “invalid permissions” response.

Conclusion

This is an edge case scenario that took some collaboration with various groups within Microsoft to track down. Many thanks to my peers who helped with identifying additional information as we investigated. I submitted a pull request to the SPFx documentation that has been merged to call out this behavior (see Known Issues on this link). So far that I can tell only the Microsoft 365 usage reports endpoints on Microsoft Graph may have an Azure AD role requirement.

Authorization for APIs to read Microsoft 365 usage reports
https://docs.microsoft.com/en-us/graph/reportroot-authorization

Hopefully this post helps others who may run into this scenario. If you find additional similar scenarios feel free to let me know in the comments.

-Frog Out