Calendar Access full transfer using power automate and azure automation

Question

Calendar Access full transfer using power automate and azure automation

upendar naik 0

I have a SharePoint list and I'm updating the details like Owner Email , EA Email and Back Up EA Email , StatrtDate , EndDate , remove EA access

now when create a item in SharePoint list flow should trigger it should check if EA is having access to Owners calendar if having then if Remove EA access is Yes then remove it if not just Add Back UP EA to Owners calendar so that Back Up EA can have full control over Owners Calendar (Back UP EA should manage entire Outlook on behalf of Owner)

please guide how can i achieve this if possible with detailed step . Thanks

Siva shunmugam Nadessin 8,325 Reputation points Microsoft External Staff Moderator

2026-04-06T18:50:43.6733333+00:00
Hello upendar naik

Thank you for reaching out to the Microsoft Q&A forum.

Based on the information you’ve provided—and since the documentation snippets you shared don’t cover the Outlook/Exchange-calendar side of things—we’ll need to nail down a few details before we can give you a step-by-step solution. Could you please clarify:

Authentication method • Do you want to call Microsoft Graph (recommended) or use Exchange Online PowerShell cmdlets? • If Graph, have you registered an Azure AD app or do you plan to use a service account/delegated credentials?

Permissions in place • Does your service principal or account already have Calendars.ReadWrite.Shared (application) or the Exchange Online roles needed to add/remove calendar permissions? • Will you store credentials/certs in Azure Automation (Managed Identity) or in Key Vault?

Trigger and scope • Is your flow triggered only on “Item Created” or also on updates to existing items? • Should the logic run for all list items or do you have filtering logic (for specific owners, date ranges, etc.)?

Desired final state • If “Remove EA access” = Yes, do you want to only remove that user’s calendar permissions, or also explicitly re-add them later? • If “Remove EA access” = No, do you still want to check & remove stale Backup-EA entries before granting “owner” access?

Error handling & notifications • How do you want to be notified if the calendar-permission change fails (e.g. email to Admin, post back to SharePoint list)?

Once we have these details, we can outline a concrete solution—whether that’s a pure Power Automate flow (using HTTP actions against Graph), an Azure Automation runbook (PowerShell Graph SDK or Exchange cmdlets), or a hybrid approach.
upendar naik 0 Reputation points

2026-04-06T19:09:30.0733333+00:00
Hi Shiva

Authentication method • Do you want to call Microsoft Graph (recommended) or use Exchange Online PowerShell cmdlets? • If Graph, have you registered an Azure AD app or do you plan to use a service account/delegated credentials? #Using HTTP connector and register An Azure ADD app and I don't have service account using my personal account with required access .

Permissions in place • Does your service principal or account already have Calendars.ReadWrite.Shared (application) or the Exchange Online roles needed to add/remove calendar permissions? • Will you store credentials/certs in Azure Automation (Managed Identity) or in Key Vault? #Using my my personal account which I had Calendar.ReadWrite.Shared(Application)

Trigger and scope • Is your flow triggered only on “Item Created” or also on updates to existing items? • Should the logic run for all list items or do you have filtering logic (for specific owners, date ranges, etc.)? #I want to trigger my flow only when item i created.and adding back up EA to owner's calendar should start an Start date and time from share point list

Desired final state • If “Remove EA access” = Yes, do you want to only remove that user’s calendar permissions, or also explicitly re-add them later? • If “Remove EA access” = No, do you still want to check & remove stale Backup-EA entries before granting “owner” access? #If Remove acces is Yes then I want to remove it.. but after sometime if needed it should re assigned

Error handling & notifications • How do you want to be notified if the calendar-permission change fails (e.g. email to Admin, post back to SharePoint list)? #Email notification

Currently I have used HTTP connector by using azure app registration and added Back Up EA to Owners Callender but I can only see the calendar and can able to create events or modify events but I wanted to Manage the Entire Outlook like.. checking the emails and sending emails and responding to Meeting request every control same as Owners.

As pery research.. Azure Automation can give controll to get the full access but I'm not worked on azure automation.. a full guide will be helpful. Thanks for the response

1 answer

Your answer

Siva shunmugam Nadessin 8,325 Reputation points Microsoft External Staff Moderator

2026-04-06T18:50:43.6733333+00:00

Hello upendar naik

Thank you for reaching out to the Microsoft Q&A forum.

Based on the information you’ve provided—and since the documentation snippets you shared don’t cover the Outlook/Exchange-calendar side of things—we’ll need to nail down a few details before we can give you a step-by-step solution. Could you please clarify:

Authentication method • Do you want to call Microsoft Graph (recommended) or use Exchange Online PowerShell cmdlets? • If Graph, have you registered an Azure AD app or do you plan to use a service account/delegated credentials?

Permissions in place • Does your service principal or account already have Calendars.ReadWrite.Shared (application) or the Exchange Online roles needed to add/remove calendar permissions? • Will you store credentials/certs in Azure Automation (Managed Identity) or in Key Vault?

Trigger and scope • Is your flow triggered only on “Item Created” or also on updates to existing items? • Should the logic run for all list items or do you have filtering logic (for specific owners, date ranges, etc.)?

Desired final state • If “Remove EA access” = Yes, do you want to only remove that user’s calendar permissions, or also explicitly re-add them later? • If “Remove EA access” = No, do you still want to check & remove stale Backup-EA entries before granting “owner” access?

Error handling & notifications • How do you want to be notified if the calendar-permission change fails (e.g. email to Admin, post back to SharePoint list)?

Once we have these details, we can outline a concrete solution—whether that’s a pure Power Automate flow (using HTTP actions against Graph), an Azure Automation runbook (PowerShell Graph SDK or Exchange cmdlets), or a hybrid approach.

Answer 1

Hello upendar naik,

When investigated we see that you have correctly Used the HTTP connector with Microsoft Graph, Registered an Azure AD App, Granted Calendars.ReadWrite.Shared (Application) permission, Added the Backup EA to the Owner’s calendar

As a result, the Backup EA can:

View the calendar
Create and modify calendar events

This behavior is expected and correct.

The key limitation is by design Microsoft Graph cannot provide full Outlook mailbox control.

Even with application permissions, Graph does not support:

Reading or sending emails, Managing the Inbox, Responding to meeting requests, Acting fully on behalf of the mailbox owner. This is a security boundary enforced by Microsoft.

To give the Backup EA the same level of access as the Owner (emails + calendar):

Exchange Online Full Access Mailbox Permission is required

This is the only supported method to allow:

Full email access
Send/respond to meeting requests
Full mailbox management

The recommended solution architecture

Since you want automation and no service account:

Power Automate + Azure Automation (Managed Identity)

In high-level How it works is

SharePoint List
- Owner email
- Backup EA email
- Start / End dates
- “Remove access” flag
Power Automate
- Trigger: Item created
- Calls an Azure Automation Runbook
Azure Automation
- Uses System‑Assigned Managed Identity
- Runs Exchange Online PowerShell
- Grants or removes mailbox permissions

Example actions performed by Automation

Grant full access

Add-MailboxPermission -Identity ******@company.com -User ******@company.com -AccessRights FullAccess

Remove access

Remove-MailboxPermission -Identity ******@company.com -User ******@company.com -AccessRights FullAccess -Confirm:$false

Access can be removed and re‑assigned anytime based on your SharePoint logic.

So, if any step fails:

Power Automate sends an email notification to Admin
Optional: update SharePoint item status

The final takeaway is Microsoft Graph is suitable for calendar-only access, Graph cannot provide full Outlook/mailbox access, Full Outlook control requires Exchange Online mailbox permissions, Azure Automation with Managed Identity is secure, supported, and scalable, No personal credentials needed

Fully reversible and auditable. Hope this helps!! Let us know if you have any questions?

Siva shunmugam Nadessin 8,325 Reputation points Microsoft External Staff Moderator

2026-04-07T17:43:17.06+00:00

upendar naik, Just checking in to see if the solution shared above help you to resolve your issue. please reach out to us If you have any further questions.

Thanks
Siva shunmugam Nadessin 8,325 Reputation points Microsoft External Staff Moderator

2026-04-08T20:54:24.9166667+00:00

upendar naik, If the answer was helpful, kindly & and “up-vote this can be beneficial to other community members.

Share via

Calendar Access full transfer using power automate and azure automation

1 answer

Your answer