I'm upgrading a backend service that currently uses basic authentication to read and delete emails from a single mailbox on an exchange server to authenticate using OAuth2.0. I'm having difficulty finding conclusive documentation about the best authorization flow for this.
What is the best authorization flow that achieves the following?
- Authorizes a connection from backend service to an Exchange 2013 server, an Exchange 2016 server, an Exchange 2019 server, or Office365.
- Authorizes access to a specific mailbox and does not allow acess to other mailboxes within the organization.
- Allows read/write access.