How to Create a Shared Mailbox Using Microsoft Graph

Question

How to Create a Shared Mailbox Using Microsoft Graph

h l 0

As a Java developer integrating Microsoft Graph with Spring Boot, I need to create a shared mailbox but haven't found a relevant API. Are there any APIs available to add a shared mailbox directly without creating a user? I have already registered an application and obtained the relevant clientId, clientSecret, and other necessary information.

Relevant dependency versions:

java 21

<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.5.6</version>
<microsoft.graph.version>6.55.0</microsoft.graph.version>
<!-- microsoft -->
<dependency>
    <groupId>com.microsoft.graph</groupId>
    <artifactId>microsoft-graph</artifactId>
    <version>${microsoft.graph.version}</version>
</dependency>
<dependency>
    <groupId>com.microsoft.graph</groupId>
    <artifactId>microsoft-graph-beta</artifactId>
    <version>${microsoft.graph-beta.version}</version>
</dependency>
<dependency>
    <groupId>com.azure</groupId>
    <artifactId>azure-identity</artifactId>
    <version>${azure.identity.version}</version>
</dependency>

Could your team provide me with an API documentation? Or are there any other solution ideas? I do not want to assign licenses to users for creating mailboxes.

Please reply as soon as possible. Thank you.

0 comments

2 answers

Your answer

Answer 1

Thank you for your reply. To avoid any misunderstanding between us regarding our respective interpretations, I would like to supplement with some screenshots. User's image

I would like to add the type of shared email account shown in the screenshot.

1 Regarding the PowerShell solution you mentioned, does your team provide any relevant SDKs or APIs for use?
2 If we use the PowerShell solution, is it necessary to execute PowerShell commands on Microsoft's servers? (My understanding is that this is not feasible.) If it is not feasible, then how can I execute PowerShell commands on my own server to create a shared mailbox on a remote server?

Thank you for your prompt reply and patient explanations.

Answer 2

Adiba Khan 2,345 Microsoft External Staff

Thank you for reaching out. I understand that you would like to create a shared mailbox using Microsoft graph API within a spring boot application.

Currently, Microsoft graph API does not directly support creating shared mailboxes. Shared mailboxes can only be created via exchange online PowerShell or exchange admin center(EAC) not via graph API.

Once a shared mailbox has been created in exchange, you can use Microsoft graph API too:

access the shared mailbox messages and folder.
Assign permissions.
Manage members or delegate access.

Work around-Create shared mailbox via PowerShell

you can use exchange online PowerShell with the following command

         New-Mailbox –Shared –Name “Support Team” –DisplayName “Support Mailbox” –Alias “support”

Then assign users access to it:

         Add-MailboxPermission -Identity “support” -User “[******@contoso.com](mailto:******@contoso.com)” -AccessRights FullAccess -InheritanceType All

         Add-RecipientPermission -Identity “support” -Trustee “[******@contoso.com](mailto:******@contoso.com)”  -AccessRights SendAs

Once created, the mailboxes accessible through Microsoft graph under the /users endpoint using its mailbox identity

Accessing the shared mailbox via Microsoft graph

you can read messages from a shared mailbox using the /users/{shared_mailbox}/messages endpoint.

Example:

       GET [https://graph.microsoft.com/v1.0/users/******@contoso.com/messages](https://graph.microsoft.com/v1.0/users/******@contoso.com/messages)

       Authorization: Bearer <access_token>

You will need to ensure your Azure AD application has appropriate delegated or application permissions:

Mail.Read
Mail.ReadWrite
Mail.Send

See official graph permissions reference:

Microsoft Graph permissions reference - Microsoft Graph | Microsoft Learn

Shared mailboxes | Microsoft Learn

Use the Outlook mail REST API - Microsoft Graph v1.0 | Microsoft Learn

Install a Microsoft Graph SDK - Microsoft Graph | Microsoft Learn

New-Mailbox (ExchangePowerShell) | Microsoft Learn

If your goal is to automate shared mailbox creation, you can use Microsoft graph PowerShell SDK or exchange online management module in your automation pipeline instead of calling graph directly.

Please let us know if you require any further assistance we’re happy to help. If you found this information useful, kindly mark this as "Accept Answer".

h l 0 Reputation points

2025-11-05T10:09:58.5933333+00:00

Thank you for your reply. To avoid any misunderstanding between us regarding our respective interpretations, I would like to supplement with some screenshots.

I would like to add the type of shared email account shown in the screenshot.

1 Regarding the PowerShell solution you mentioned, does your team provide any relevant SDKs or APIs for use? 2 If we use the PowerShell solution, is it necessary to execute PowerShell commands on Microsoft's servers? (My understanding is that this is not feasible.) If it is not feasible, then how can I execute PowerShell commands on my own server to create a shared mailbox on a remote server?

Thank you for your prompt reply and patient explanations.
h l 0 Reputation points

2025-11-05T11:57:34.3733333+00:00

The two methods you mentioned are both interactive solutions. What I want to use is script-based or programmatic execution. Do you have any plans in this regard going forward? Will you open up relevant APIs?
h l 0 Reputation points

2025-11-06T01:03:04.01+00:00

After creating a user, assign a license to them, then remove the license and change the user type to "shared". However, when using the API to modify the type to "shared", an internal server error occurs. Is this approach feasible? If not, how should I modify this type to achieve functionality similar to "Convert to Shared Mailbox" on EAC?
Adiba Khan 2,345 Reputation points Microsoft External Staff

2025-11-06T08:51:14.08+00:00
Thank you for your detailed follow up and for sharing this screenshot that's very helpful for understanding your scenario. I will address each of your question individually below for clarity.

1.      **Regarding SDK's or API for creating shared **** **mailboxes:

At this time, Microsoft graph API does not support creating shared mailboxes or converting existing user mailboxes to shared mailboxes.

These actions are currently supported only through exchange online PowerShell or the exchange admin center (EAC).

There are no graph SDKs or REST APIs that can perform mailbox type conversion pr creation operations programmatically.

Refrences:

Shared mailboxes | Microsoft Learn

New-Mailbox (ExchangePowerShell) | Microsoft Learn

2.      Executing PowerShell commands on the remote server

you do not need direct access to Microsoft's server to run exchange PowerShell commands. Instead, you can securely connect from your own environment using the exchange online PowerShell (EXO V3) module.

Here's how you can connect and create a shared mailbox remotely:

#Install the module if not installed Install-Module ExchangeOnlineManagement #Connect to Exchange Online (using your tenant credentials) Connect-ExchangeOnline -UserPrincipalName [******@yourdomain.com](mailto:******@yourdomain.com) #create a shared mailbox New-Mailbox -Shared -Name “support Mailbox” -DisplayName “Support Mailbox” -Alias “support” #Assign mailbox permissions Add-MailboxPermission -Identity “support” -User “[******@yourdomain.com](mailto:******@yourdomain.com)” -AccessRights FullAccess Add-RecipientPermission -Identity “support” -Trustee “[******@yourdomain.com](mailto:******@yourdomain.com)” -AccessRights SendAs # Disconnect the session Disconnect-ExchangeOnline -Confirm:$false

References:

Connect to Exchange Online PowerShell | Microsoft Learn

About the Exchange Online PowerShell V3 module | Microsoft Learn

3**.      **Script based Or programmatic execution

we understand your need for a noninteractive or automated solution.

You can fully automate PowerShell scripts using app only authentication(certificate based authentication), allowing the script to run unattended (for example, and in Azure automation , CI/CD, or background services).

Here's the reference for setting that up:

About the Exchange Online PowerShell V3 module | Microsoft Learn

Currently, there are no graph API for shared mailbox creation, but we have relayed customer feedback about this need to the Microsoft graph engineering team

you can stay updated on new graph API capabilities at:

Changelog - Microsoft Graph

**4.      **Converting a user mailbox to shared via API

you are correct that trying to modify the user type to “shared” via graph API or directory Updates result in an internal server error. This is because mailbox type conversion is not exposed through Microsoft graph.

The supported method to convert a user mailbox to a shared mailbox is through exchange online PowerShell:

Set-Mailbox -identity [******@yourdomain.com](mailto:******@yourdomain.com) -Type Shared

Once converted, the mailbox no longer requires a license, and permissions can be managed using graph API or PowerShell. Open

At present no public Microsoft graph endpoint exists for shared mailbox creation or conversion. However, Microsoft continuously expands graph capabilities based on customer demand. You can track feature updates and submit suggestions via the official feedback portal:

https://feedbackportal.microsoft.com/feedback/forum/1eec8e49-2d46-ec11-b6e6-0022481f8472

Please let us know if you require any further assistance we’re happy to help. If you found this information useful, kindly mark this as "Accept Answer".
Adiba Khan 2,345 Reputation points Microsoft External Staff

2025-11-11T06:05:54.5066667+00:00

"Hope you're doing well. We're following up on the ticket. Please let us know before 17 november whether the issue persists or has been resolved, after that we'll close this thread and If the issue has been resolved, kindly mark the response as answered."
h l 0 Reputation points

2025-11-11T10:02:52.8133333+00:00
Hello, first of all, thank you again for your solution.

I have another question. When using PowerShell for unattended execution, I encountered some issues:

Regarding platform differences: For example, the commands used when running PowerShell on Linux, macOS, and Windows are different, resulting in high maintenance costs for cross-platform use. How to address such cross-platform challenges?

When establishing an unattended connection, the explanation of certificate authentication methods is relatively vague. For instance, if my certificates are not hosted on specific platforms but possibly stored on a self-built platform or in a database, how should I handle this?

Regarding the limitations of development (or scripting) languages: For example, it has poor support for object-oriented languages like Java, and there are no relevant examples available. Does your team have any better solutions?

The above are some of my questions. When using PowerShell for related operations, I hope your team can provide targeted solutions or examples.
Adiba Khan 2,345 Reputation points Microsoft External Staff

2025-11-11T12:08:33.9633333+00:00
Thank you for your detailed follow up and for sharing your experience with unattended PowerShell execution

you have raised very valid points about cross-platform compatibility, certificate-based authentication and language integration.

Addressing cross-platform PowerShell differences

PowerShell is indeed cross-platform (windows, Mac OS, Linux), but some exchange online modules rely on windows PowerShell features not fully mirrored in PowerShell core (used on Linux/macOS).

To minimize platform specific maintenance, we recommend the following approaches:

1.      Use PowerShell 7 (core)+ exchange online management module v3- this version has been optimized for cross-platform use and support non interactive authentication.

2.      Standardize execution environments by using docker containers or Azure automation runbooks: this allows you to encapsulate your PowerShell configuration system scripts regardless of the host OS.

References:

https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell?view=powershell-7.5

https://learn.microsoft.com/en-us/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps#cross-platform-support

https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps#use-in-azure-automation

Certificate based unattended authentication

When using certificate-based app only authentication, the certificate must be accessible to this of runtime.

If your certificates are stored outside the OS certificate store (e.g., in database, vault or custom storage services) you can load them dynamically using PowerShell scripting.

Example (loading certificate from a file or byte stream):

$CertPath= "C:\Certs\AppCert.pfx" $CertPassword= (ConvertTo-SecureString "YourPassword" -AsPlainText -Force) $Cert = New-object System.Security.Cryptography.X509Certificates.X509Certificate2($CertPath, $CertPassword) Connect-ExchangeOnline -AppId "your-app-id" -Certificate $Cert -Organization "yourtenant.onmicrosoft.com"

if you are storing certificates in are secure database or Azure key vault:

Retrieve the certificate content securely.

convert it to a System.Security.Cryptgraphy.X509Certificates.X509Certificate2 object before connecting.

References:

https://learn.microsoft.com/en-us/powershell/exchange/app-only-auth-powershell-v2?view=exchange-ps

https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-self-signed-certificate

For enterprise environments, Microsoft recommends Azure key vault for managing certificates and secrets across platforms.

https://learn.microsoft.com/en-us/azure/key-vault/general/basic-concepts

Integration with Java or object oriented languages

you are correct-PowerShell is primarily A scripting environment, and direct integration with Java or spring boot applications is limited. However you can integrate PowerShell automation into Java based systems using one of these approaches:

Option A: REST API bridge

Host your PowerShell scripts as Azure functions or restful web services.

Your Java/spring boot application can invoke these endpoints to trigger ·         mailbox operations.

Option B: process invocation

use Java’s ProcessBuilder to invoke PowerShell scripts locally or remotely from your application.

Example(pseudo-code)
ProcessBuilder pb = new ProcessBuilder("pwsh", "-File", "CreateSharedMailbox.ps1"); Process process = pb.start();

Option C: Microsoft graph API for post creation operation

once the mailbox is created via PowerShell, your Java application can use Microsoft SDK for Java to manage mailbox access, permissions and data.

References:

https://learn.microsoft.com/en-us/graph/sdks/sdk-installation?tabs=java

https://learn.microsoft.com/en-us/graph/api/resources/mail-api-overview?view=graph-rest-1.0

Please let us know if you require any further assistance we’re happy to help. If you found this information useful, kindly mark this as "Accept Answer".
Muhammad Anas naeem 0 Reputation points

2025-11-11T17:46:37.48+00:00

To create a shared mailbox using Microsoft Graph, you generally need to:

Register an app in Azure AD with the required permissions (like Mail.ReadWrite and MailboxSettings.ReadWrite).

Use the Microsoft Graph API to create a shared mailbox by sending a POST request to /users with the mailboxSettings and userType set appropriately.

Assign permissions to users who need access, either via Graph API or through Exchange Admin Center.

On a side note, while managing multiple tasks like this, I’ve found that taking short breaks and incorporating natural supplements like Mimosa bark can help stay focused and energized during long setup sessions. Of course, always source it responsibly.
https://mimosahostilis.shop/
Adiba Khan 2,345 Reputation points Microsoft External Staff

2025-11-14T05:45:39.74+00:00

"Hope you're doing well. We're following up on the ticket. Please let us know before 19 Nov whether the issue persists or has been resolved, after that we'll close this thread and If the issue has been resolved, kindly mark the response as answered."
Adiba Khan 2,345 Reputation points Microsoft External Staff

2025-11-18T05:59:03.2633333+00:00

Hope you're doing well. We're following up on the ticket. Please let us know before 19 Nov whether the issue persists or has been resolved, after that we'll close this thread and If the issue has been resolved, kindly mark the response as answered."
Adiba Khan 2,345 Reputation points Microsoft External Staff

2025-11-19T04:46:22.8733333+00:00

We haven’t received any further updates or follow-up on this case, so we’ll proceed with closing it at this time. If you require additional assistance or have new information to share, please feel free to raise new thread, we’re happy to support you further needed.

Share via

How to Create a Shared Mailbox Using Microsoft Graph

2 answers

Your answer