0
votes

I'm creating an app that would manage meetings in Office 365 (Exchange online) through EWS. The app should use dedicated (service) account which would impersonate organizer's account and create the meeting requests. The app works now but I'm not sure what is the best way to create the service account in Office 365 and what are the least privileges it needs for this scenario.

Currently, I created a new user in Office 365 and granted it ApplicationImpersonation role in Exchange Admin. As I said it works now but the account is regular user with mailbox and is consuming a license. If I just remove the license from this 'service' account then calling ExchangeService.AutodiscoverUrl() throws exception, which contains Error: The email address can't be found.

How to properly create the service account (account without mailbox and license) that would work in this scenario?

2

2 Answers

1
votes

I think you're stuck with buying a license for that account. Without a license, you cannot log in.

0
votes

Is there any reason that you are using EWS instead of using the Graph/Rest API? With OAuth and scoping and such, you have a much better app impersonation kind of story and you would not need tenant admins to configure ExchangeImpersonation to get your app working. The involvement of the tenant admins is somewhat of a deal breaker for 3rd party apps.

Is there a scenario that you are interested in that the graph API doesn't cover?