Share via

How send an email using graphAPI from only a single email account

Dusan Jevtic 20 Reputation points
2024-11-14T15:15:02.1233333+00:00

Hi, currently I'm trying to send an email from an application using application permissions and "mail.send", the only issue is that "mail.send" can send emails from any user in my company. I've tried using "New-ApplicationAccessPolicy", which I've set to restrict to a group with just the email I want to be allowed to send emails from. Unfortunately, it didn't work and I was still able to send emails from other work emails. What is the way I should go about accomplishing this?

Microsoft Security | Microsoft Graph
0 comments
Accepted answer
  1. CarlZhao-MSFT 46,376 Reputation points
    2024-11-15T03:06:45.74+00:00

    Hi @Dusan Jevtic

    Have you created the application access policy correctly? According to the documentation, it should support the Mail.Send application permission.

    User's image

    Note that you need to add the target user as a member of a mail-enabled security group. The administrators can then limit application access to only that set of mailboxes by creating an application access policy for access to that group.

    New-ApplicationAccessPolicy -AppId xxxxxxxxxxx -PolicyScopeGroupId xxxxxxxxxxx -AccessRight RestrictAccess -Description "xxxxxxxxxxxxxxx."

    Finally, you can test whether the application has access to the user by running the Test-ApplicationAccessPolicy command.

    Test-ApplicationAccessPolicy -Identity xxxxxxxxxxxx -AppId xxxxxxxxxxxxxxxxxxxxxxxx

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.