Getting 401 error while using graph api to send email /me/sendMail

Question

Getting 401 error while using graph api to send email /me/sendMail

Ibrahim Mufti 0

Hello im creating a project that sends email on behalf of the user the issue is my Authentication, Authorization, Refreshing of token is working correctly the issue is with the
api https://graph.microsoft.com/v1.0/me/sendMail

the request is being send in this manner where we add headers => Authorization: Bearer acccessToken

i dont know what the issue is but im getting 401 error event checked the token validation and the token was not yet expired and contains the scope these scopes
Mail.ReadWrite Mail.Send User.Read profile openid email !!!
and the token claims have these scopes as these

"scp": "Mail.ReadWrite Mail.Send User.Read profile openid email"

PS: i dont have microsoft 365 license neither i have signed for developer program as it is not qualifying me for the program

Best regards
Muhammad Ibrahim Mufti

Anonymous

2025-09-02T21:27:16.72+00:00

@Ibrahim Mufti

Thank you for using Q&A Platform

The issue got from a missing Exchange Online mailbox, which is a hard requirement for sendMail API to function. Even if your token includes the correct scope, the API cannot send mail unless the user has an active mailbox provisioned through a Microsoft 365 license that includes Exchange.

Even if your token is valid and includes the necessary scopes, the user must have a mailbox and the mailbox must be hosted in Exchange Online. The app must be granted the correct permissions and the user must not be a guest or external user without a mailbox.

To resolve the issue, assign a Microsoft 365 license that includes Exchange Online to the user. Once the mailbox is provisioned, the /sendMail API will work as expected.

If you're testing or prototyping, consider joining the https://developer.microsoft.com/en-us/microsoft-365/dev-program to get a free sandbox environment with a fully provisioned mailbox. If you're not qualifying currently, you might try again later or use a different Microsoft account.

If licensing is not an option, consider using https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-smtp-relay via Office 365 or a third-party service to send emails on behalf of users.

I hope this helps in resolving the issue, do let me know if you have any further questions on this
Anonymous

2025-09-03T20:15:50.9+00:00

@Ibrahim Mufti Just checking to see if you have a chance to check my previous response and helped, do let me know if you have any further questions on this.
Ibrahim Mufti 0 Reputation points

2025-09-03T20:21:25.8133333+00:00

i see thanks for the response @Anonymous

i tried applying for developer program but due to the policies im not being able to it says i didnt qualify for the program...
Ibrahim Mufti 0 Reputation points

2025-09-04T21:04:19.54+00:00

Okay understood thanks for the help

1 answer

Your answer

Anonymous

2025-09-02T21:27:16.72+00:00

@Ibrahim Mufti

Thank you for using Q&A Platform

The issue got from a missing Exchange Online mailbox, which is a hard requirement for sendMail API to function. Even if your token includes the correct scope, the API cannot send mail unless the user has an active mailbox provisioned through a Microsoft 365 license that includes Exchange.

Even if your token is valid and includes the necessary scopes, the user must have a mailbox and the mailbox must be hosted in Exchange Online. The app must be granted the correct permissions and the user must not be a guest or external user without a mailbox.

To resolve the issue, assign a Microsoft 365 license that includes Exchange Online to the user. Once the mailbox is provisioned, the /sendMail API will work as expected.

If you're testing or prototyping, consider joining the https://developer.microsoft.com/en-us/microsoft-365/dev-program to get a free sandbox environment with a fully provisioned mailbox. If you're not qualifying currently, you might try again later or use a different Microsoft account.

If licensing is not an option, consider using https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-smtp-relay via Office 365 or a third-party service to send emails on behalf of users.

I hope this helps in resolving the issue, do let me know if you have any further questions on this
Anonymous

2025-09-03T20:15:50.9+00:00

@Ibrahim Mufti Just checking to see if you have a chance to check my previous response and helped, do let me know if you have any further questions on this.
Ibrahim Mufti 0 Reputation points

2025-09-03T20:21:25.8133333+00:00

i see thanks for the response @Anonymous

i tried applying for developer program but due to the policies im not being able to it says i didnt qualify for the program...
Ibrahim Mufti 0 Reputation points

2025-09-04T21:04:19.54+00:00

Okay understood thanks for the help

Answer 1

@Ibrahim Mufti
The most likely cause of the 401 Unauthorized error, even with the correct scopes, is that the user account you are authenticating with does not have an active Microsoft 365 license with an Exchange Online mailbox.

The /me/sendMail API endpoint requires a user to have a functioning mailbox to send emails. An Exchange Online mailbox is only created when a user has a license that includes this service. The scopes (Mail.Send, Mail.ReadWrite, etc.) grant your application the permission to act on the user's behalf, but the user themselves must have the underlying capability to send mail.

This is a common point of confusion. While your authentication and token are correct, and the token contains all the necessary permissions, the 401 error is not about your application's permissions; it's about the user's lack of a licensed mailbox.

Since you mentioned you don't have a Microsoft 365 license and don't qualify for the developer program, the account you're using for testing likely doesn't have an associated mailbox, which is a hard requirement for the sendMail functionality.

I hope this helps in resolving the issue, do let me know if you have any further questions on this

Abdul Gani 0 Reputation points

2025-09-26T03:10:08.3666667+00:00

i face same issues, after 12 Sep 25 got 401 only for one sender, when i check the mailbox is full, it is possible causing 401 if mailbox full ?

Share via

Getting 401 error while using graph api to send email /me/sendMail

1 answer

Your answer