Microsoft Teams
A Microsoft customizable chat-based workspace.
10,039 questions
Accessing OnlineMeetings with Azure AD app without global application access policy
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 42%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVY%3C/text%3E%3C/svg%3E)
Vasyl Yakovishak
0
Reputation points
I have an Azure AD app registration with the following Microsoft Graph permissions:
- OnlineMeetings.ReadWrite.All
- OnlineMeetings.Read.All
- OnlineMeetingTranscript.Read.All
I'm trying to access online meetings across my organization using Graph API endpoints with my app's credentials instead of a specific user's context. I understand that I need to create an application access policy, but I want to avoid using the -Global parameter if possible.
I've attempted to use a security group instead, but it didn't work. Here's what I've tried so far:
- Created a security group and added relevant users
- Used the following PowerShell commands:
New-CsApplicationAccessPolicy -Identity "MeetingAccessPolicy" -AppIds "my-app-id" -Description "Access policy for meetings" Grant-CsApplicationAccessPolicy -PolicyName "MeetingAccessPolicy" -Group "my-security-group-id" - Waited for policy propagation (over 30 minutes)
- Tested API calls using the app's access token
https://graph.microsoft.com/v1.0/users/{user-id}/onlineMeetings/{meeting-id}
https://graph.microsoft.com/v1.0/users/{user-id}/onlineMeetings/{meeting-id}/transcripts/{transcript-id}/content
I receive the error:
{
"error": {
"code": "General",
"message": "No application access policy found for this app.",
"innerError": {
"request-id": "xxxx-xxxx-xxxx-xxxx",
"date": "2024-08-13T19:47:25",
"client-request-id": "xxxx-xxxx-xxxx-xxxx"
}
}
}
Despite these attempts, I'm still unable to access meetings for users in the security group. Questions:
- Is there a way to grant application-level access to online meetings without using a global policy?
- Can I use security groups or other Azure AD groups effectively for this purpose?
- Are there any specific requirements or configurations I might be missing?
- If a global policy is the only option, are there any best practices or security considerations I should be aware of?
Any insights or alternative approaches would be greatly appreciated. Thank you!
Microsoft Teams
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,943 questions
Microsoft Teams Development
Microsoft Teams Development
Microsoft Teams: A Microsoft customizable chat-based workspace.Development: The process of researching, productizing, and refining new or existing technologies.
3,230 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 65%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Meghana-MSFT 3,881 Reputation points Microsoft Vendor2024-08-30T19:12:34.13+00:00 Thank you for reporting this, we will check this and get back to you.
-
Meghana-MSFT 3,881 Reputation points Microsoft Vendor
2024-09-26T14:03:02.27+00:00 Currently this is not a supported scenario. You can suggest this feature at https://feedbackportal.microsoft.com/feedback/forum/ad198462-1c1c-ec11-b6e7-0022481f8472.
Sign in to comment
Sign in to answer