Search code examples
c#azure-active-directorymicrosoft-graph-apimicrosoft-plannermicrosoft-graph-plannertasks

Required permissions to get the planner data using MS graph sdk?

I want to read the planner data using MS graph sdk. For authentication I have to use application type in my Azure AD. I have the client secret, client id and tenant id. The planner also has the permission for the whole tenant. I have given API permission for Group.Create, Group.Read.All, Group.ReadWrite.All, User.Read.All with admin consent granted.

I was calling the api like this,

var clientSecretCredential = new ClientSecretCredential(tenantId, clientId, clientSecret);
var scopes = new[] { "https://graph.microsoft.com/.default" };
GraphServiceClient graphServiceClient = new GraphServiceClient(clientSecretCredential, scopes);

var users = await graphServiceClient.Users.GetAsync();

try
{
    var planner = await graphServiceClient.Planner.Plans[plannerId].GetAsync(r => r.Options.WithAppOnly());
    
    Console.WriteLine($"Plan Id: {planner.Id}, Title: {planner.Title}");
    
}
catch (Exception ex)
{
    Console.WriteLine($"Error: {ex.Message}");
}

I was expecting to get the users list and the planner data. I got the users but for planner I got an error, Error: You do not have the required permissions to access this item.

Now what are the permissions I require to get the planner data? or do I have to give some permission from planner end?

Solution

  • To get planner data using MS Graph SDK, you need Tasks.Read permission in Delegated scenario whereas Tasks.Read.All permission in App-only scenario.

    Initially, I ran your code without granting required permission and got same error while getting planner data as below:

    enter image description here

    To resolve the error, you need to grant Tasks.Read.All permission of Application type as you are using client credentials flow:

    enter image description here

    When I ran the same code again now, I got the response successfully with planner data like this:

    using Azure.Identity;
using Microsoft.Graph;

var tenantId = "tenantId";
var clientId = "appId";
var clientSecret = "secret";
var plannerId = "plannerId";

var clientSecretCredential = new ClientSecretCredential(tenantId, clientId, clientSecret);
var scopes = new[] { "https://graph.microsoft.com/.default" };
GraphServiceClient graphServiceClient = new GraphServiceClient(clientSecretCredential, scopes);

var users = await graphServiceClient.Users.GetAsync();
foreach (var user in users.Value)
{
    Console.WriteLine(user.DisplayName);
}
Console.WriteLine();

try
{
    var planner = await graphServiceClient.Planner.Plans[plannerId].GetAsync();

    Console.WriteLine($"Plan Id: {planner.Id}, Title: {planner.Title}");

}
catch (Exception ex)
{
    Console.WriteLine($"Error: {ex.Message}");
}

    Response:

    enter image description here

    Reference: Get plannerPlan - Microsoft Graph v1.0