question

Prashantanand-3441 avatar image
0 Votes"
Prashantanand-3441 asked Prashantanand-3441 answered

Graph api - Shared email box - forbidden error

I am using graph-api and i have added access to mail.read.shared in app permissions (Azure AD).

i am not able to read shared user emails, getting erroraccesssdenied.

please help.

microsoft-graph-security
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AtulThorat-MSFT avatar image
0 Votes"
AtulThorat-MSFT answered

Hi @prashantanand-3441,

Hope you are doing well.

Outlook also allows a customer to delegate another user to act on the customer's behalf, and access specific mail folders or the customer's entire mailbox; this is also known as "delegation" in Outlook.

Microsoft Graph supports getting messages in mail folders that have been shared by other users, as well as getting the shared folders themselves. The support also applies to folders that have been delegated.

As per outlook-share-messages-folders we have to use delegation scope while granting permission "Mail.Read.Shared".

Use the delegated permissions, "Mail.Read.Shared" or "Mail.ReadWrite.Shared", to respectively read or write messages in a shared or delegated folder.

For more information, see permissions-reference

Please refer below graph api permission for this same.

201038-mailreadshared.png

Hope this helps.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".



mailreadshared.png (45.2 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Prashantanand-3441 avatar image
0 Votes"
Prashantanand-3441 answered

Thanks for the response @AtulThorat-MSFT .

I had used same permissions level in my api permissions, ans it is saying - 'No' for the admin consent. just lie your screen shot mentioned.

I can add another user calendar from my outlook becasue that user shared it with me.

but when i am creating api with this same permissions sets, it is showing me access error.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.