Access personal mail box using Graph API

mark severs 0 Reputation points
2023-05-05T08:57:33.9766667+00:00

I am trying to make an API call to an Outlook mailbox using the Graph API and OAuth 2.0 using Azure.

I have set up an app and given it the Mail.Read delegated and application permissions.

I can retrieve the user to get some account info like username and email address.

But when I try to use me/messages I get an error: The tenant for tenant guid 'f4fe5477-5167-4788-add6-ca7ad5c5b5ce' does not

And when I use https://graph.microsoft.com/v1.0/users/markusomega_outlook.com#EXT#@markusomegaoutlook.onmicrosoft.com/messages

I get an error: Resource 'markusomega_outlook.com' does not exist or one of its queried reference-property objects are not present.

Does anybody have an idea of what it could be that I am doing wrong?

Outlook Windows Classic Outlook for Windows For business
Microsoft Security Microsoft Graph

2 answers

  1. Antonio 250 Reputation points Microsoft External Staff
    2023-05-05T18:10:51.55+00:00

    Hi mark severs,

    Thanks for posting in the Q&A forum. Externally invited accounts do not have (nor are they supported with) mailboxes.

    External access - A feature that allows users to find, call, and chat with people who have Microsoft identities, including those from other organizations.

    Guest access - A feature that allows you to invite people from outside your organization to join a team. Guests can also call, chat, and meet with people in your organization and you can share files and folders with them. Invited people get an Azure AD B2B collaboration guest account in your directory.

    As can also be seen in the List Messages documentation:

    Get the messages in the signed-in user's mailbox (including the Deleted Items and Clutter folders).

    Further, in some testing, when attempting to retrieve messages on an external user using the object ID GUID, the following message is seen.

    GET https://graph.microsoft.com/v1.0/users/{External User Object ID}/messages
    Response 404:
    {
        "error": {
            "code": "MailboxNotEnabledForRESTAPI",
            "message": "The mailbox is either inactive, soft-deleted, or is hosted on-premise."
        }
    }
    

  2. CarlZhao-MSFT 46,366 Reputation points
    2023-05-08T03:18:02.8633333+00:00

    Hi @mark severs

    Guest users can't create/get messages at the organization level of the target tenant, because guest users don't have an O365 Exchange Online license in this tenant.

    Guest users can only create/get messages from their home tenant. For this, you need to create a multi-tenant app in the target tenant, then log in with the guest user and get an access token to call the me/messages API endpoint.


    Use auth code flow to get access token:

    Note that you have to change /{tenant id} to /common to skip tenant level login.

    1. Request an authorization code in the browser.

    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?
    client_id={client id}
    &response_type=code
    &redirect_uri={redirect_uri}
    &response_mode=query
    &scope=openid offline_access Mail.ReadWrite
    &state=12345
    

    2. Redeem token.

    https://login.microsoftonline.com/common/oauth2/v2.0/token 
    client_id={client id}
    &scope=openid offline_access Mail.ReadWrite
    &code={code}
    &redirect_uri={redirect_uri}
    &grant_type=authorization_code
    &client_secret={client_secret}
    


    Call the API endpoint:

    User's image

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.
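
The authorization code flow from the second answer, as an added example that is not part of either answer or of Microsoft's samples: it builds the `/common` authorize URL with a random per-login `state` instead of a fixed value, checks that value on the callback, and prepares the token redemption request. The function names, the `session` dict and the PKCE parameters (`code_challenge`, `code_verifier`) are additions assumed for this sketch, not taken from the answer.

```python
import base64, hashlib, secrets
from urllib.parse import urlencode, urlsplit, parse_qs

AUTHORITY = "https://login.microsoftonline.com/common/oauth2/v2.0"
SCOPE = "openid offline_access Mail.ReadWrite"  # scope string used in the answer


def begin_login(client_id, redirect_uri):
    """Return (authorize_url, session); session holds the per-login secrets."""
    state = secrets.token_urlsafe(32)      # unpredictable, unlike a fixed 12345
    verifier = secrets.token_urlsafe(64)   # PKCE code_verifier (43-128 chars)
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode()
    query = urlencode({
        "client_id": client_id, "response_type": "code",
        "redirect_uri": redirect_uri, "response_mode": "query",
        "scope": SCOPE, "state": state,
        "code_challenge": challenge, "code_challenge_method": "S256",
    })
    return f"{AUTHORITY}/authorize?{query}", {"state": state, "verifier": verifier}


def handle_callback(callback_url, session):
    """Extract the authorization code; reject errors and state mismatches."""
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    returned = params.get("state", [""])[0].encode()
    if not secrets.compare_digest(returned, session["state"].encode()):
        raise ValueError("state mismatch: callback does not belong to this login")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return params["code"][0]


def token_request(client_id, client_secret, redirect_uri, code, session):
    """Return (url, form_fields) for the POST that redeems the code."""
    return f"{AUTHORITY}/token", {
        "client_id": client_id, "scope": SCOPE, "code": code,
        "redirect_uri": redirect_uri, "grant_type": "authorization_code",
        "client_secret": client_secret, "code_verifier": session["verifier"],
    }
```

The form fields returned by `token_request` are sent as an `application/x-www-form-urlencoded` POST body from the server side, so the client secret never appears in a URL or in the browser.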

