'Publish a web calendar that can be subscribed to by Outlook 365's Modern Authentication

I want to publish a calendar in our web application so that customers can subscribe to it using their favourite software - Google Calendar, Outlook.com etc.

I am pulling the data from our database and using sabre/dav's VObject class to create an ics file and then serving it via a url:

webcal://www.server.com/calendar.php?username=john.doe&cal_id=efccd95ee22917d327e31840fbc1a97936a4

This works for Google Calendar and Thunderbird, but not Outlook.com, which apparently tries to do some 'Modern Authentication' (yes that's what it's called) which involves Oauth 2. There's no error, but no events either. I'm assuming this is what's stopping it working:

https://support.microsoft.com/en-gb/help/4025591/you-can-t-add-an-internet-calendar-in-outlook

As far as I'm aware it's not a synchronisation interval issue, since:

  1. The events do not appear in Outlook 365 in the first instance
  2. Even after 24 hours they have not appeared

A similar question has been asked with no answers forthcoming:

Create a calendar link for Outlook Office 365 calendar?

I captured the HTTP request headers sent by Outlook to my server, and apart from the user agent "Exchange" it is a standard request with no extra headers.

Microsoft do not appear to have documented exactly what Outlook 365 expects.

There is a work around that says use OWA (Outlook Web Access) when subscribing, I think that only applies to enterprise customers.

Below is the response of my server.

Curl output:

< HTTP/1.1 200 OK
< Date: Mon, 22 Jul 2019 17:52:59 GMT
< Server: Apache/2.4.18 (Ubuntu)
< Content-Length: 648
< Content-Type: text/calendar;charset=UTF-8
<
BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Sabre//Sabre VObject 4.2.0//EN
CALSCALE:GREGORIAN
BEGIN:VEVENT
UID:sabre-vobject-f1337426-242c-4c5f-a7af-199ff6aa68d9
DTSTAMP:20190722T175259Z
SUMMARY:Super Event
DTSTART:20190716T131500
DTEND:20190716T191500
END:VEVENT

… etc.

END:VCALENDAR

Expected result is, after subscribing, events are added to the Outlook 365 calendar, actual result is no events are added.

I'd be happy just to find out what mechanism is used by Microsoft to decide whether to use Modern Auth, and then tell it No I don't want to use any authentication.

Edit:

I looked into using CalDAV, and eventually came to the conclusion that both Microsoft and Google want integrators to authenticate with OAuth 2 and then access their calendars through the published APIs (Google optionally provides a CalDAV interface for this).

google-calendar-apioutlook.comwebcal


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

How to access Google calendar in Android

An event that is guests can modify is not update via google calendar api

How do I convert the google private key for the google calendar api into a env file?

Google Calendar API batch request PHP

Batch request Google Calendar php API

Batch request Google Calendar php API

Google G Suite ( Workspace ) How to disable the passcode on the device

Google G Suite ( Workspace ) How to disable the passcode on the device

Google Calendar V3 hangs when used outside local environment

Get Holidays List of a Country from Google Calendar API

Node.js - Google Calendar API showing error "Missing end time" when inserting an event

How to get correct color value for preset Google Calendar colors via API

Google Calendar API show all events from public calendar

Join Date and time for events from sheet to calendar [duplicate]

Google Calendar API authorization working on localhost but not on Heroku