We have a problem consenting permissions and obtaining access tokens to call MSGraph API. Our product is like follows:
We have an API that works with MSGraph. Until now, we have been using Aplication permissions to access resources as mail and calendar.
We would like to start using Task To-Do API and it only supports Delegated permissions.
Our API works with multiple tenant and multiple users in each tenant.
We use admin consent to give all necesary permissions and generate a token aftewards to make requests to MSGraph (Aplication permissions endpoints).
With these new changes, is there a way to generate a token valid for To-Do API directly from an administrator, or is mandatory that each user signs in to create a personal auth token valid for this API?
We would like to avoid the proccess of user sign in as our API is meant to work behind another application we do not develop after administrator has given consent.
Thank you in advance
In your case, you are using client credentials flow and with that you can not have signed in user or delegated permissions as MS Graph Todo APIs only support delegated permissions.
For you to use the To-Do Graph APIs, you have to can incorporate user signin. If this not possible in your scenario, then you can upvote this feature request - Allow Graph API calls to work with both todo tasks and plannerTasks using application permissions