This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello everyone,
I have a console application in C# for to read and send e-mails and it works fine. Now I'm implementing big attachments in the messages, so, I need to create a draft message for to add the files.
The sender is the principal queue where I delegated the other queues.
This is the code for to send the messages, and it works fine.
var result = await graphClient
.Users[sender]
.SendMail(message, saveToSentItems)
.Request()
.PostResponseAsync();
This is the code for to read the exchange e-mails with attachments, and it works fine.
private IMailFolderMessagesCollectionPage RetrieveMessages(string email, string folder, string filterByData, GraphServiceClient graphClient)
{
var messages = graphClient
.Users[$"{email}"]
.MailFolders[$"{folder}"]
.Messages
.Request()
.Expand("attachments")
.Filter(filterByData)
.Top(1000)
.OrderBy("receivedDateTime asc")
.GetAsync()
.GetAwaiter()
.GetResult();
return messages;
}
But if I add this part of code for to create a draft message
var draft = await graphClient.Users[sender].Messages
.Request()
.AddAsync(message);
It returns this error:
Code: ErrorAccessDenied
Message: Access is denied. Check credentials and try again.
This is my authentication method:
public static GraphServiceClient GetGraphClient()
{
string clientId = ConfigurationManager.AppSettings["clientId"];
string tenantId = ConfigurationManager.AppSettings["tenantId"];
var scopes = new string[] { "https://graph.microsoft.com/.default" };
var principalEmail = ConfigurationManager.AppSettings["PrincipalEmail"];
var principalPassword = ConfigurationManager.AppSettings["PrincipalPassword"];
var options = new TokenCredentialOptions
{
AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
};
var userName = principalEmail;
var password = principalPassword;
var userNamePasswordCredential = new UsernamePasswordCredential(userName, password, tenantId, clientId, options);
return new GraphServiceClient(userNamePasswordCredential, scopes);
}
I don't understand where the problem is, because I can send and read all e-mails, also I read e-mails in subfolders, so, I don't know where the problem is creating the draft message.
Does anyone have any idea what the problem could be?
Thanks in advance!
Horacio
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 46%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGC%3C/text%3E%3C/svg%3E)
Hi @Horacio Crespo , can you please check your app permissions. To send a message "Mail.Send" and to read messages "Mail.ReadBasic.All, Mail.Read, Mail.ReadWrite"(from least to most privileged) are required. Even with least permissions (Mail.ReadBasic.All, Mail.Read) also you can read some basic properties of a message.
But to create a draft message "Mail.ReadWrite" permission is required. I am suspecting that "Mail.ReadWrite" permission is missing on your app. Permission reference link: https://learn.microsoft.com/en-us/graph/permissions-reference.
Please check the app permissions as suggested and share the response.
you are right, the application user in azure has the following permissions:
Adding, the permission Mail.ReadWrite.Shared, now, I can create e-mails in the draft folder
Thanks !
Horacio
Hi @Horacio Crespo , glad to know that my suggestions have been fixed your issue.
Rewriting my comments as an answer to this QnA post:
After granting Mail.readwrite/Mail.readwrite.Shared permission to your application, you are able to create a draft message using MS Graph API.
Please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment.