Does anyone know how to request permission to send emails using Graph API by an app that runs without a signed-in user?
I have an Azure WebApp with permission to send email using Microsoft Graph.
In the Azure portal (Azure Active Directory -> App registrations -> MyApp - API permissions), my app has granted permission for Mail.Send( Type: Application : Description: Send mail as any user ).
In the next step, I’m inviting a user from my organization. In Azure Ad the user type is Guest. I receive an email on that account to accept the invitation. I can log in with that account through the Microsoft login page but the account is managed by my organization – it is not an account created by me.
Using that account with MS Graph explorer I’m able to send an email, but I want to do the same from my application without been logged in. The purpose is to use this account only for sending emails.
I was able to get the access token, use the API and get user basic info, but I get an exception when I'm trying to send an email:
Code: ResourceNotFound
Message: Resource could not be discovered.
// get token
var authContext =
new AuthenticationContext("https://login.microsoftonline.com/" + tenantID);
var result = await authContext
.AcquireTokenAsync("https://graph.microsoft.com", new ClientCredential(clientId, secret));
// create graph service
GraphServiceClient graphServiceClientApp =
new GraphServiceClient("https://graph.microsoft.com/v1.0",
new DelegateAuthenticationProvider(
async(requestMessage) =>
{
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("bearer", result.AccessToken);
}));
// create message obj
//.....
// send email
await graphServiceClientApp.Users["f5521fbc-481e-4e90-9166-33a64eb8f7e9"]
.SendMail(message, false)
.Request()
.PostAsync();
The user ID like f5521fbc-481e-4e90-9166-33a64eb8f7e9 is taken from azure portal, in user details there is a Object ID field
authContext? And also details on how you obtained the User object ID? – Philippe Signoret