Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,225 questions
A community member has associated this post with a similar question:
Building an app to send email using Microsoft Graph API through which different user of different company domain can send email
Only moderators can edit this content.
Building an app with Microsoft Graph API to enable cross-domain email sending
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 59%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Subhasis Ghosh
0
Reputation points
I'm building a C# application that will utilize Microsoft Graph API to allow users from different email domains to send emails. So far, I've completed the following steps:
- Registered my application through Azure App Registration under multi-tenant option.
- Used Redirect URI as default - "https://login.microsoftonline.com/common/oauth2/nativeclient" since this is a desktop application.
- Specified my company's Azure admin as the owner of the application.
- Added delegated permission for Microsoft Graph API User.Read and Mail.Send.
- Used clientID from the Azure App registration page and tenantID as common in the code.
- Utilized AcquireTokenInteractive() to obtain the access token interactively from user.
- Sent the email.
However, when a user from a different domain attempts to send emails using my application, they receive a window requesting approval for access token. I have the following questions:
- If the user presses the request for approval button, does it trigger an email to the azure admin of the other domain for approval?
- Or does the azure admin of the other domain need to approve the request from their azure ad admin page?
- Is Azure Admin access required to perform this task?
- What's the best practice to handle this scenario, so that a user from a different domain can send emails using my application?
I appreciate your assistance!
{count} votes
-
Subhasis Ghosh 0 Reputation points
2024-09-30T13:36:27.2633333+00:00 I am developing an application using C# that will be able to send email using Microsoft Graph API. My main intention is that using this application, different users from different companies (i.e. different email domains) will be able to send emails.
I am providing details of what I have done till now.
Suppose my company’s email domain is azureAdmin@mycompany.co.uk.
1. The Azure admin of my company has registered an application through Azure App registration under multi-tenant option.
2. As this is a desktop application, we are using Redirect URI as default – https://login.microsoftonline.com/common/oauth2/nativeclient
3. My company’s azure admin (azureAdmin@mycompany.co.uk) is the owner of the application.
4. Delegated permission for Microsoft Graph API User.Read and Mail.Send is added.
5. In the code, I have used clientID from the Azure App registration page and tenantID as common
6. Then I use AcquireTokenInteractive() to acquire token interactively from user.
7. And then sending the mail –
So my question is, when someone from other domain tries to send email using this application, he/she is getting this window asking for approval for access token –
So, what happens when the user press request for approval? –
1. Does it trigger an email to xyz company azure admin for approval?
2. Or xyz azure admin need to approve the request for the requested user from their azure ad admin page?
3. Is Azure Admin access is absolutely necessary for this?
4. Lastly, can you please let me know what is the best way to handle this scenario i.e. what settings or coding to be done so that different user from different companies (i.e. different domain like xyz.co.in) can send email using my application (registered in azure AD by my organization azureAdmin@mycompany.co.uk)