I'm trying to use the Microsoft Graph API to get the calendars of all the users in an organization. Is there a way for an admin with the appropriate permissions can get all user calendars with one request to the API? I'm aware that it is possible by first retrieving a list of all the users then using the user IDs to send a request for each's calendars. I'd like to avoid this approach so that I can avoid making too many calls to the API. I'd also like to be able to do this without every using having to share their calendars with the admin. Does support for something like this exist? Thanks.
No, it is not possible to get all Calendars of all users in one request.
You can do it only over the way you described.
There are two part to your question:
1: Get all calendars of all users in call: This is not possible.
2: Get access to calendars with users explicitly sharing the calendars. This is possible using app-only access tokens.
https://developer.microsoft.com/en-us/graph/docs/concepts/auth_v2_service
Related
I was wondering if there is any possibility to find what channels is certain user part of. We are on a Business+ plan and I know something like this is possible in Enterprise Grid but I thought if there is any API method that could help me with that even on our plan.
Thank you in advance for all the ideas.
You can use https://api.slack.com/methods/users.conversations API
This API provides list of conversations the calling user may access.
You'll need to provide user argument: It allows browsing conversations by a specific user ID's membership. Non-public channels are restricted to those where the calling user shares membership.
Goal: I'm trying to get all the calendars in my Gsuite org.
Problem: I know I can get a list of calendars using CalendarList.list but that's only if the user or service account has all the calendars in its list and even then it's not always accurate because the calendars don't always get added to the service account's calendar list and a user could potentially remove the calendar from their list.
Question: Is there a way to just grab every calendar in my Google org? Let's say my domain is #someorg.com. I want every user's calendar as well as calendars created through the api. I was thinking this might be possible with the GSuite Admin SDK, but I haven't been able to find anything that allows me to do this. It only handles Resources.calendars which is different than a Calendar object.
Any help appreciated! Thanks!
You need to use the service account to get a token for each user, for this you need each user's email which you can get making a Users.list request [1]. With each token you can do a CalendarList.list request [2] for each impersonated user which will retrieve you the user's calendars it's subscribed to.
You can filter the results to get the calendars with the accessRole [3] field set to owner, if you want the calendars created by the user. You could get the deleted calendars as well by setting the showDeleted parameter to true [2].
[1] https://developers.google.com/admin-sdk/directory/v1/reference/users/list
[2] https://developers.google.com/calendar/v3/reference/calendarList/list
[3] https://developers.google.com/calendar/v3/reference/calendarList
unfortunately you cant. The only way to get a list of calendars that the user has access to is though the calendarlist.list method. The issue with this is that you must be sure that all of the users calendars where actually added to calendarlist which is not always the case.
What you can do is prompt the user asking them to share with you any other calendars but thats not going to work very well with a service account.
Considering the official documentation provided by Workspace(formerly G-Suite), this can be achieved by using service accounts with domain-wide authority delegation.
Please check the documentations below:
Google Calendar API - Domain Resources
Delegating domain-wide authority to the service account
I’m new to google classroom api. I want to create a process that will query all classes, students, assignments etc. It will run unattended.
So, my questions are:
will offline scope allow the process to query the api unattended?
can only an admin user see all classes, students, assignments?
or, can a g-suite user be created with limited read-only permissions to certain resources?
Thanks
Since this is an unattended batch process and Google OAuth access tokens expire after 1 hour, you will likely need offline access. You can do this by adding the parameter access_type=offline in the authorization URL.
In terms of actually acquiring all classes, students, assignments, etc., here are a few things to note:
If you're a domain administrator, you can retrieve courses, students, assignments, invitations, etc. in their domain and will not need each teacher to authorize these requests.
If you don't have domain administrator access and want to retrieve all these items, you will have to have each teacher authorize your request(s).
As for your last question, I'm not entirely sure what you mean -- could you clarify? Are you asking is if one workaround would be to create a G Suite user that has read access to all these resources and then use that account to make all the requests?
You can create a service account and use it to query all data on behalf of users-
https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority
Here's an odd question...
I have multiple clients for whom I manage MC accounts, and I need to find out which account is associated with a particular API key and List ID. Is there any way of doing this? I have the List ID and API key, but cannot figure out which account the signups are going to!
If you hit the root of MailChip API v3, you'll get the account username as a part of the response. You can use their API Playground to make that call if you're not a developer.
I'm designing an app that counts on accessing multiple API's that need the certain users credentials which are provided when a user allows access via OAuth. I'm new to designing programs like this and I'm trying to wrap my head around the easiest way to do this. Here is what I was thinking:
During the Oauth process I specify the callback url (lets call it A)
Create a POST route for url A that points to a function in the user controller
That function then parses the JSON data with the API Key+Secret, hashes the data, and stores it in a column of the user table.
Would this be the best way to go about this?
One thing I'll say is don't tie these directly to your users. Sometimes users may want to authorize multiple accounts, and sometimes multiple users may authorize the same account. Since you can only have one active refresh token per oauth account, these creds should be kept in a separate table and then linked with a many-to-many for flexibility