Create Teams OnlineMeeting via Graph API using delagated permission now get "No application access policy"
I was able to created (Teams) OnlineMeetings via graph API with my own app registration and delegated permissions using device_code flow and the /me endpoint. I left the code untouched but now, I do get a "No application access policy found for this app" [403].
As far as I know, when not using application permission - I don't need a further tenant admin setup. The code works in the same way when creating Calendar events, but fails now for OnlineMeetings.
Are there any significant changes for delegated permissions concerning the /v1.0/me/onlineMeetings endpoint? Or did my tenant admin modified something?
Snippets:
String deviceCodeResp = sendPostRequest(AUTH_ENDPOINT + "/devicecode",
"client_id=" + CLIENT_ID + "&scope=https://graph.microsoft.com/User.Read+https://graph.microsoft.com/OnlineMeetings.ReadWrite",
"application/x-www-form-urlencoded"
);
// Extract device code and message
String deviceCode = extractJsonValue(deviceCodeResp, "device_code");
// user enters usercoode on microsoft devicelogin page
String tokenResponse = sendPostRequest(AUTH_ENDPOINT + "/token",
"grant_type=device_code" +
"&device_code=" + deviceCode +
"&client_id=" + CLIENT_ID,
"application/x-www-form-urlencoded"
);
String token = extractJsonValue(tokenResponse, "access_token");
// create the meeting with the access_token
String meetingResponse = sendPostRequest(GRAPH_ENDPOINT + "/me/onlineMeetings",
meetingJson,
"application/json",
token
);
Note: If you are making using of delegated API permissions to create onlinemeetings using /me then there is no need to configure application policy.
- Cross verify if your tenant admin has configured any policy.
I tried in my environment used device code to generate access token by using below parameters:
API permissions:
POST https://login.microsoftonline.com/TenantID/oauth2/v2.0/devicecode
client_id: ClientID
scope: https://graph.microsoft.com/.default
Generated access token:
POST https://login.microsoftonline.com/TenantID/oauth2/v2.0/token
grant_type: urn:ietf:params:oauth:grant-type:device_code
client_id: ClientID
device_code: xxx
Using the above access token, I am able to create onlinemeetings using /me endpoint:
POST https://graph.microsoft.com/v1.0/me/onlineMeetings
{
"startDateTime":"2025-07-12T14:30:34.2444915-07:00",
"endDateTime":"2025-07-12T15:00:34.2464912-07:00",
"subject":"User Token Meeting"
}
If still the issue persists, try to create a new Microsoft Entra ID application and pass those credentials and check.
- "Schema" property not found in Postgres Connector
- Downloading file from Azure blob storage via Memory Stream
- Reading env variable from template.yaml
- HTTP Error 500.30 - ASP.NET Core app failed to start - Azure
- Azure DevOps Pipelines: TerraformTaskV4: init with different subscription and Workflow Identity Federation
- Enabling HTTPS for a Azure blob static website
- How to search across many Azure Devops Git project and find all files which contain specific text AND which filename contains "Resource"
- Hosting SPA with Static Website option on Azure Blob Storage (clean URLs and Deep links)
- Using Managed Identity to Access Azure OpenAI Service
- Azure data factory not loading
- Transfer encrypted dataprotection keys from a windows vm to azure keyvault
- Refresh powerBI data with additional column
- Azure Application Insights AKS - How to Create 1 custom alert rule which will trigger multiple alerts, but with different names (per pod name)?
- gRPC and REST side by side in Azure App Service, Linux Container
- Connecting to a SignalR WSS stream but not getting the response i am looking for
- SignalR prevent user from opening multiple sessions in different tabs
- Application Insights -_logger.LogInformation
- CosmosDB is not allowing serverless capabalities to NoSQL, it says I must use CapacityMode
- Azure Webapp / Website Swap : HTTP Ping Error
- Microsoft Graph API - Update phoneMethods is no longer working
- Use Azure Key Vault secret in Header section of Web Activity
- Azure Storage blob getting the io.netty.channel.StacklessClosedChannelException while generating /downloading the from SasUrl
- How do I save and later load Azure AnalyzeResult object in python?
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- Azure ADF - HTTP : Table from list
- Self hosted azure devops build agent not getting tool from $PATH
- Azure devops pipeline stages template nesting
- Azure APIM is returning the incorrect HTTP response error when call is missing mandatory querystring parameter
- Azure DevOps build pipeline logid for a specific task - dynamically
- PS script to fetch the list non-compliance resource list with respect to policy from multiple subscriptions