0
votes

I tried get/set the outlook rules using messagerules, the Microsoft Graph API call. It's working for my mailbox without any problem. When i tried doing for other user mailboxes it's failing with error

"code: ErrorAccessDenied", "message:Access is denied. Check credentials and try again".

I set delegated permissions for the app, passed correct credentials, still it's failing. How to investigate and fix this issue? Any guidance would be of help.

1
Is there any reason why you want to use delegated permissions when you want to access the other user mailbox?Dev
Thanks @Dev for helping me in this one too. I am new to Graph API, so i just followed Microsoft documentation. Tried delegated permission for my app, it was working for my mailbox. So i was expecting it should work when i try calling other mailboxes too? Am i doing wrong?Alice
For your scenario, you should use application permission instead of delegated permission. Let me explain a bit. Some apps call Microsoft Graph using their own identity and not on behalf of a user. They can be background services or daemon apps that run on a server without the presence of a signed-in user. These apps make use of OAuth 2.0 client credentials grant flow to authenticate and are configured with application permissions, which enable such apps to access all mailboxes in a organization on Exchange Online.Dev
Thanks again @Dev. Now i understand it and i believe this will work. Do you have any sample/guidance how to implement it? Also share me the steps how i test it with tool like POSTMAN?Alice
Great news. I tested the steps as per the documentation. POSTMAN works for me. Issue resolved. Awesome 'MasterDev' for your assistance again!!Alice

1 Answers

0
votes
  • For your scenario, you should use application permission instead of delegated permission, as it won't work for you.
  • Let me explain a bit. Some apps call Microsoft Graph using their own identity and not on behalf of a user. They can be background services or daemon apps that run on a server without the presence of a signed-in user. These apps make use of OAuth 2.0 client credentials grant flow to authenticate and are configured with application permissions, which enable such apps to access all mailboxes in a organization on Exchange Online.
  • The related documentation/steps available @ link (yes, you can test this via POSTMAN too - detailed steps are given in the documentation itself) as well
  • You tested it out, confirmed the steps working for you!!