![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 92%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
17,608 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @sheida sadrai ,
Thanks for reaching out.
I understand you are trying to grant delegated permission to access one particular email box using daemon applications.
For daemon application, where you don't want user to explicitly sign-in, you can use client credentials grant flow but there is no option to use delegated permission with daemon applications.
However, there is an option to use application permission to specific mailbox, which limit application permission to specific Exchange Online Mailboxes by using by using the New-ApplicationAccessPolicy.
Application access policy restricts mailbox access for apps that have been granted any of the Microsoft Graph or Exchange Web Services permission scopes that the policy supports.
Reference : https://learn.microsoft.com/en-us/graph/auth-limit-mailbox-access
Hope this will help.
Thanks,
Shweta
----------------------------------------------
Please remember to "Accept Answer" if answer helped you.