Search emails from central app without requiring individual user consent

Shivaal 1 Reputation point
2021-02-03T00:44:33.52+00:00

I'm building an app for my company that will allow users to search their Outlook emails (messages) from an internal company page. I'm trying to avoid having each person at my company auth into the app, and instead would like to just get permission from our admin, and then individual users don't have to go through the auth flow.

I'm imagining that when a user issues a search on the page, it makes a request to a server, which then uses a central app token to make a request on behalf of that user (as a param) to the Search API, and then the server does some processing (e.g. group results by thread) and returns that back to the client page.

Is this possible?

This page suggests that it can only be done via an app that uses delegated permissions, but I was hoping there's some workaround.

Thanks.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,506 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Deva-MSFT 2,266 Reputation points Microsoft Employee
    2021-02-03T19:45:33.337+00:00

    The documentation is correct. You can use the Microsoft Search API to search for information in email messages, return messages ranked by relevance, and render a dedicated search experience. The search applies to the body and attachments of messages in the signed-in user's own mailbox. Message search applies to work or school accounts. Users can search their own mailbox, but can't search delegated mailboxes. Have a look at the known limitations.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.