Share via

Microsoft oauth email sending issue in entra admin center

Ravi Dobariya 0 Reputation points
2023-10-13T04:16:02.4666667+00:00

0

as i need to send email from microsoft o behalf of user who gave me mail sending permission below are the steps which i have followed

  1. created application in entra.microsoft.com
  2. added platform configuration as web and SPA
  3. Added permission for profile and mail for both application and delegated.

Now on code side followed below steps

  1. called below api from browser

https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize?client_id={client_id}&response_type=code&redirect_uri=http://localhost:3000&response_mode=query&scope=User.Read Mail.Read Mail.Send openid profile offline_access

  1. then getting code in query parameter
  2. used that code from step 5 in below API

https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token
where below is body in x-www-form-urlencoded format
client_id, scope=User.Read Mail.Read Mail.Send openid profile offline_access, code, redirect_uri, grant_type= authorization_code, client_secret.

in resopnse i am getting

token_type,scope,expires_in,ext_expires_in,access_token,refresh_token,id_token.

  1. Now i am using access_token from step 6 to send mail with below api
    https://graph.microsoft.com/v1.0/users/" + fromEmailAddress + "/sendMail

but it always says
{ "error": { "code": "ErrorInvalidUser", "message": "The requested user is invalid." } can someone help me to solve this issue
or suggest me proper way to perform this task
Thanks in advance

{ "error": { "code": "ErrorInvalidUser", 
"message": "The requested user is invalid." }
Microsoft Security Microsoft Entra Other
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. QuantumCache 20,366 Reputation points Moderator
    2023-10-13T16:50:33.5666667+00:00

    Hello @Ravi Dobariya Is this issue related to Azure Data Factory?

    The error message "The requested user is invalid" suggests that the fromEmailAddress parameter in the API call is not valid. Please make sure that the email address is in the correct format and that it belongs to a valid user in your organization. You can also try using the user's object ID instead of the email address in the API call.

    Additionally, please make sure that the access token you are using has the necessary permissions to send email on behalf of the user.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.