What is the difference between "Tasks.ReadWrite" and "Tasks.ReadWrite.Shared" permissions in graph API?
From the documentation:
Tasks.ReadWrite:
Allows the app to create, read, update, and delete the signed-in user's tasks and task lists, including any shared with the user.
Tasks.ReadWrite.Shared:
Allows the app to create, read, update, and delete tasks a user has permissions to, including their own and shared tasks.
To me, that sounds identical. On a related matter, can a planner task really be "shared"? I have not found a way to share a task without sharing the plan. And if you share a plan, all users in the team get access to all tasks in it.
Planner does not use the Tasks.ReadWrite.Shared permission, you only need Tasks.ReadWrite or Tasks.Read to be able to access any Planner data (actual permissions will be further restricted by what the calling user can do).
You can use the API to assign a task to someone who is not a member of the Group or the Roster containing the Plan. They will have degraded experience in the UI, due to not being able to read the Plan data itself or data that is accessed from the Group (such as comments, and files referenced from or uploaded to the Group), but they can still see the basic task content, and complete the task.
For additional context: I believe the Tasks.ReadWrite.Shared permission is used for To Do APIs, but I'm not sure how it translates to a user scenario.