Issue with sending mails using Graph API

Question

Issue with sending mails using Graph API

Krishna Nagesh Kukkadapu 21

Hello Team,

I am trying to send a mail using Graph API using asp.net core c# and i am getting the following error

ServiceException: Code: BadRequest
Message: Current authenticated context is not valid for this request. This occurs when a request is made to an endpoint that requires user sign-in. For example, /me requires a signed-in user. Acquire a token on behalf of a user to make requests to these endpoints. Use the OAuth 2.0 authorization code flow for mobile and native apps and the OAuth 2.0 implicit flow for single-page web apps.

I have created an Application Registration and also granted the following API permissions.
Microsoft Graph:

Directory.Read.All
Application.ReadWrite.OwnedBy
Mail.Send
Azure AD:
Directory.Read.All
Application.ReadWrite.OwnedBy

I am using this code
IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithTenantId(tenantID)
.WithClientSecret(clientSecret)
.Build();

ClientCredentialProvider authProvider = new ClientCredentialProvider(confidentialClientApplication);

GraphServiceClient graphClient = new GraphServiceClient(authProvider);

var message = new Message
{
Subject = "Meet for lunch?",
Body = new ItemBody
{
ContentType = BodyType.Text,
Content = "The new cafeteria is open."
},
ToRecipients = new List<Recipient>()
{
new Recipient
{
EmailAddress = new EmailAddress
{
Address = "myToEmail@Stuff .com"
}
}
},
CcRecipients = new List<Recipient>()
{
new Recipient
{
EmailAddress = new EmailAddress
{
Address = "myCCEmail@Stuff .com"
}
}
}
};

        var saveToSentItems = true;  

        await graphClient.Me  
          .SendMail(message, saveToSentItems)  
          .Request()  
          .PostAsync();  

        return graphClient;

Can someone help in fixing this issue.

JamesTran-MSFT 36,906 Reputation points Microsoft Employee Moderator

2020-09-24T23:52:56.57+00:00

@Krishna Nagesh Kukkadapu
Thank you for the post!

Looking at your issue, it seems very similar to this one.

-From your error message, can you make sure that your application has the correct redirect URIs, i.e. https://myapp/auth
-Are you following any documentation when it comes to sending the email via GraphAPI?

If you have any other questions, please let me know.
Thank you for your time and patience.
Krishna Nagesh Kukkadapu 21 Reputation points

2020-09-25T15:38:39.857+00:00

I followed the article which was provided, still i am getting the same error.

2 answers

Your answer

JamesTran-MSFT 36,906 Reputation points Microsoft Employee Moderator

2020-09-24T23:52:56.57+00:00

@Krishna Nagesh Kukkadapu
Thank you for the post!

Looking at your issue, it seems very similar to this one.

-From your error message, can you make sure that your application has the correct redirect URIs, i.e. https://myapp/auth
-Are you following any documentation when it comes to sending the email via GraphAPI?

If you have any other questions, please let me know.
Thank you for your time and patience.
Krishna Nagesh Kukkadapu 21 Reputation points

2020-09-25T15:38:39.857+00:00

I followed the article which was provided, still i am getting the same error.

Answer 1

Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Moderator

You're targeting the /me endpoint which is not available using application credentials. You need to specify the user account that will be used to send the message.

await graphClient.Users["<user id or upn>"]
    .SendMail(message, saveToSentItems)
    .Request()
    .PostAsync();

--
Please let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.

Krishna Nagesh Kukkadapu 21 Reputation points

2020-09-25T23:42:42.097+00:00

I tried putting the service principal name which has access mentioned above and its not working. I tried giving delegated permissions as well even that is not working as well.
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator

2020-09-28T21:52:50.94+00:00

You have to put a user id or user principal name, but not a service principals. Those do not have a mailbox.

Answer 2

Krishna Nagesh Kukkadapu 21

Is there away where i can send mails on behalf of a shared o365 mailbox , where i am seeing the shared mailbox as a Group in AAD ?

Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator

2020-09-28T22:08:15.363+00:00

I will try this on my end and will let you know ASAP.
Krishna Nagesh Kukkadapu 21 Reputation points

2020-10-01T15:19:16.647+00:00

@alfredo-revilla-msft - Any luck on this ?
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator

2020-10-01T19:36:35.757+00:00

Actually shared mailboxes are stored as users in AAD so you can just use their id or upn as in the sample :)
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator

2020-10-28T18:28:40.187+00:00

Please let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.

Share via

Issue with sending mails using Graph API

2 answers

Your answer