Share via

How to subscribe to MS Graph event notifications

Dimitrios Gkiokas 40 Reputation points
2025-02-17T20:01:48.5666667+00:00

Can I use an app registration with delegated Calendars.Read permission to subscribe to calendar event notifications for a given shared email that I own?

I intend to use the JavaScript sdk.

what are the authentication options? is there a way to sign in without a user logging in interactively?

I must not use application type permission because I can’t get access to every one’s calendar.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
13,221 questions
0 comments
Accepted answer
  1. CarlZhao-MSFT 45,676 Reputation points
    2025-02-18T09:19:28.43+00:00

    Hi @Dimitrios Gkiokas

    The ROPC flow is an available option that allows applications to log in by directly handling the user's password without browser interaction. However, the ROPC flow does not support MFA, and hardcoding the user's password may pose certain risks. Therefore, we generally do not recommend using the ROPC flow. It should only be used when more secure flows are not feasible.

    References: https://learn.microsoft.com/en-us/graph/sdks/choose-authentication-providers?tabs=typescript#usernamepassword-provider.

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Akhil Nasalwai - MSFT 815 Reputation points Microsoft External Staff
    2025-02-18T00:57:36.3133333+00:00

    Hello Dimitrios Gkiokas,

    Thank you for reaching out to Microsoft!

    Yes, you can use an app registration with delegated permissions Calendars.Read to subscribe to calendar event notifications for a shared email that you own.

    For the authentication options, you might have the OAuth 2.o Authorization code flow as this flow allows you to obtain an access token and a refresh token. The refresh token can be used to obtain new access tokens without user interaction, enabling non-interactive sign-ins. Please refer the below mentioned link for detailed information related to non-interactive sign-ins.

    Link: Non-interactive user sign-in

    Since OAuth 2.o client credential flow is typically used for app-only permissions, this may not be most suitable for the requirement.

    Yes, you can achieve non-interactive sign-ins using the OAuth 2.o Authorization Code flow.

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.