This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I'm building an app that I would like to leverage to create mails in a mailbox in Exchange Online using this Graph API. How do I create an access token for it so that it can only action against specific mailbox? Would I create an app registration and grant certain API access then use an Exchange application restriction policy?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 67%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Hi @shockoQA-1
Do suggestions below from Andy help? Feel free to share your update here if any
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Yes, use an Exchange Application access policy and scope to the mailboxes you want to have access to
https://learn.microsoft.com/en-us/graph/auth-limit-mailbox-access
However:
This only works for specific scopes, so in your case, you prob cant use this if you want to create mail
So if I grant the application Mail.ReadWrite then as per here it should fall within that scope. Without the access restriction policy would the app have full access to all mailboxes as indicated by https://learn.microsoft.com/en-us/graph/auth-limit-mailbox-access which I find concerning! Security should be opt out not in!
That said, thank you for taking he time to reply. Very much appreciated.