Share via

Graph API Users's MailBox

Babu P 1 Reputation point
2020-07-08T21:18:49.19+00:00

I'm working on office 365 mail's backup using Microsoft Graph SDK in windows forms application.

I want get get all users mails using office 365 administrator account.May i know what are permission i need to provide.?

I can get mails from logged in account (office 365 administrator) but not for others users.

below is the example code.

var messages = await graphClient.Users[UserID].MailFolders[MailFolderID].Messages
.Request()
.GetAsync();

Thanks,
Babu.

Microsoft Security Microsoft Entra Microsoft Entra ID
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2020-07-08T21:54:28.867+00:00

    Hi Babu -

    I order to get to another user's mailbox - and the other user hasn't delegated their mailbox access in Exchange Online (like an administrative assistant might do) - you need to use Application permissions rather than Delegated (which acts on behalf of the user). Here is the relevant documentation on the call: https://learn.microsoft.com/en-us/graph/api/user-list-messages?view=graph-rest-1.0&tabs=http
    Notice that there are three kinds of permissions listed - you need "Application" permissions.

    To get those you need to use Client Credentials Flow - see https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow for details.

    Once you get this working - you are likely to run into throttling issues if you try to load a large volume of email. Details are here: https://learn.microsoft.com/en-us/graph/throttling

    Thanks and best of luck!

    0 comments
  2. Babu P 1 Reputation point
    2020-07-10T19:10:02.417+00:00

    @BobGerman-9536 - Thanks for your answer.

    I'm not sure how to do this

    To get those you need to use Client Credentials Flow - see https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow for details.

    I want to do this on C# Windows Forms Application. I'm explaining below.

    1. Getting Token 
                   try
                 {
                     authResult = await app.AcquireTokenInteractive(scopes)
                         .WithAccount(accounts.FirstOrDefault())
                         .WithPrompt(Microsoft.Identity.Client.Prompt.SelectAccount)
                         .ExecuteAsync();
                     AccessToken = authResult.AccessToken.ToString();
                 }
                 catch (MsalException msalex)
                 {
                     WriteLog("Error(GetAccessToken()) MsalException: " + msalex.Message.ToString());
                 }
    2. using the above token i'm creating "graphClient"

    try
    {
    graphClient = new GraphServiceClient(
    "https://graph.microsoft.com/v1.0",
    new DelegateAuthenticationProvider(
    async (requestMessage) =>
    {
    var token = AccessToken;
    requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", AccessToken);
    requestMessage.Headers.Add("xxx", "yyyy");

                             }));
                 return graphClient;
             }
    1. using the graphClient I'm listig the users. 
                    var users = await graphClient.Users
                        .Request()
                        .GetAsync();

    From this users list how can i access all user mailbox. (note: this is working for the account when i give to get token but not for all the users.) I gave all the application permissions but still not working.

    Code: ErrorAccessDenied
    Message: Access is denied. Check credentials and try again.

    Thankss,
    Babu.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.