Share via

How to backup and restore private group's conversation and calendar where admin user is not a member?

Boopathi Krishnan 20 Reputation points
2025-04-07T10:42:58.8233333+00:00

Hi Team,

I am working on backing up and restoring Microsoft 365 Group data, including conversations, calendar events, and metadata.

Backup

For backing up group conversations, I am using application permissions, which allows me to retrieve conversations from both public and private groups, regardless of group membership. This part is working as expected.

Restore

However, for restoring group conversations, the Microsoft Graph API requires delegated permissions. I have implemented delegated access by acquiring a token on behalf of an admin user. With this, I am able to restore conversations only in groups where the admin user is a member.

This means I am currently unable to restore conversations in groups where the admin user is not a member, which limits the restore functionality for private groups.

Calendar

When it comes to calendars, I am facing issues for both backup and restore. I am unable to access private group calendars unless the user (even the admin) is a member of the group. This limitation blocks backup and restore operations for private groups.

EWS API

I also explored using the EWS API, but it requires the primary SMTP address of the group mailbox, which is not feasible in most scenarios for modern Microsoft 365 Groups.

Could you please advise:

Is there any way to access or restore data (conversations/calendars) for private groups using application permissions or other means, even if the user is not a group member?

Are there any workarounds or recommended practices for handling such scenarios in backup and restore operations?

Looking forward to your guidance on how to proceed further.

Best regards,
Boopathi K

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
13,541 questions
0 comments
Accepted answer
  1. Akhil Nasalwai - MSFT 1,535 Reputation points Microsoft External Staff
    2025-04-08T07:30:34.1033333+00:00

    Hello Boopathi Krishnan,

    Thank you for reaching out to Microsoft!!

    • To Access or restore data (conversations/calendars) for private groups, Unfortunately Microsoft Graph API restricts certain operations to delegated permissions. This is a security measure to ensure that only authorized users can access sensitive data. Application permissions alone won't bypass this limitation.
    • If you are dealing with groups that have hidden membership, you might explore configuring Azure Active Directory (AAD) policies to manage group visibilities and access. This could involve creating dynamic group memberships or using sensitivity labels to govern access.
    • As you noted, the EWS API requires the primary SMTP address, which can be impractical. However, if you can obtain SMTP address programmatically, it might be worth revisiting this option.

    As a workaround,

    • To restore conversations or calendars in private groups, you might consider temporarily adding the admin user as a member of the group. This can be automated using PowerShell scripts or Azure Logic Apps.
    • If direct restoration isn't feasible, you could export metadata and conversations to external storage solution. This allows you to preserve data while working around API limitations.
    • Please try checking the Microsoft's own backup M365 backup and restore features which might offer additional options for handling private group data. You can explore using the links mentioned below:

    Links for reference:

    https://learn.microsoft.com/en-us/microsoft-365/backup/backup-restore-data?view=o365-worldwide&tabs=onedrive

    https://learn.microsoft.com/en-us/microsoft-365/backup/backup-faq?view=o365-worldwide

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.