I have an Azure integrated service application (daemon app) with permissions to the Microsoft graph api, I can now read all the mailboxes for the entire company, which is awesome but might raise some concerns with the business management. We use Outlook in Office 365.Is there a way to specify mailboxes that the app can have access to instead of having access to all mailboxes/users.
Limit access to groups or individual mailboxes using a service application in Azure Ad
1.7k Views Asked by Kaptein Babbalas At
2
There are 2 best solutions below
0
Ren Rutgerg
On
This Microsoft doc appears to give the answer Scoping application permissions to specific Exchange Online mailboxes https://learn.microsoft.com/en-us/graph/auth-limit-mailbox-access
Administrators who want to limit the app access to a specific set of mailboxes can use the New-ApplicationAccessPolicy PowerShell cmdlet to configure access control. This article covers the basic steps to configure an application access policy.
Related Questions in AZURE
- How to update to the latest external Git in Azure Web App?
- I need an azure product that executes my intensive ffmpeg command then dies, and i only get charged for the delta. Any Tips?
- Inject AsyncCollector into a service
- mutual tls authentication between app service and function app
- Azure Application Insights Not Displaying Custom Logs for Azure Functions with .NET 8
- Application settings for production deployment slot in Azure App Services
- Encountered an error (ServiceUnavailable) from host runtime on Azure Function App
- Implementing Incremental consent when using both application and delegated permissions
- Invalid format for email address in WordPress on Azure app service
- Producer Batching Service Bus Vs Kafka
- Integrating Angular External IP with ClusterIP of .NET microservices on AKS
- Difficulty creating a data pipeline with Fabric Datafactory using REST
- Azure Batch for Excel VBA
- How to authenticate only Local and Guest users in Azure AD B2C and add custom claims in token?
- Azure Scale Sets and Parallel Jobs
Related Questions in OFFICE365
- Can you programmatically generate a link to open a Word document and navigate to a particular location within it (preferably a comment)?
- Excel dynamically calculate cost of products based on bill of materials (BOM) and purchase price history
- Microsoft Office 365 problem cannot open a blank excel document
- In OfficeScript, how can I make it return the number of cells with a red background?
- Visual Studio write to Office 365 word
- Audit a share Excel workbook
- Copy paste a single value from within a cell to another cell
- Highlight column based on current date and time
- Share Outlook calendars with all members of specific security group
- Python IMAP4 keeps throwing this error when I'm connecting to Outlook. Has anyone seen this error before?
- IMAP configs for Outlook using Mail-listener
- How to add a new menu item on OneDrive action menu?
- Unable to locate fields in Microsoft Access
- Download Sharepoint aspx pages as pdf using python
- VBA - detect if user is running on 365
Related Questions in MICROSOFT-GRAPH-API
- Teams tab application returns SSO error in mobile Outlook
- Implementing Incremental consent when using both application and delegated permissions
- Issue uploading files in spring boot java to onedrive using API
- Validating Access Token in ASP.NET Core Web API project
- MS Graph API Error 504: Timeout when send large data (Java Sdk 5.80.0)
- Why does the API getTeamsTeamActivityDetail has missing data?
- .NET 8 DownstreamAPI not authenticating
- Inquiry Regarding Feasibility of Fetching User login hours(In numbers) Status from Teams for SPFx Integration
- MS Graph .net SDK cannot expand calendar event SingleValueExtendedProperties
- How to disable cached responses from node fetch? (Microsoft Bookings API)
- Build self service Microsoft Partner Center portal using Graph API ( web app )
- Adding skiptoken to query parameters for graph api v5 requests
- OneDrive download link to a direct link not working, auth requested
- Microsoft Teams, Graph API, send message to channel InsufficientPrivileges MessageWritesBlocked-Thread is not marked for import
- Microsoft graph api to get lists in a sharepoint site not listing all lists
Related Questions in AZURE-AD-GRAPH-API
- How to authenticate only Local and Guest users in Azure AD B2C and add custom claims in token?
- getting 401 with no message while creating teams meeting link using azure graph client in NodeJS,JS
- Graph API retrieve multiple applications based on list of appids
- Can we create event in user's calendar with application permissions?
- How to Create Events in User's Outlook Calendar Without Microsoft Account?
- GraphServiceClient using authorization token / refresh token mechanism
- Get AzureAD/EntraID application properties from API call
- "AADSTS9002313: Invalid request. Request is malformed or invalid. While requesting Refresh Tokens
- Microsoft Graph API - Get users with specified app roles
- LastpaswordchangedDatetime return as longint value instead of datetime ,when i calling graphapi from custom policy( forgot password custom policy)
- MS Graph API Insufficient permissions when using Python SDK, sufficient when doing normal HTTP requests
- how to add a user using emailId to azure ad group using java spring boot application
- how to get Azure AD refresh token in Next-Auth / Auth.js
- Roles claim not present in token error when using graph API to connect to SharePoint using selected sites permission
- Python Azure Graph API request for Delegated request needing Admin consent
Related Questions in SERVICE-APPLICATION
- webapi deploy on Azure gives missing ClientId error
- Azure Service App, Debugging in Visual Studio: How to save content to local machine files?
- SQL Server Returns error on geography column
- Is it possible to make a background service app in iOS which is invisible to user and hidden from springboard?
- how to use serial port in a service application environment constantly listening for data
- What is the meaning of service-to-service application?
- Microsoft Graph Api Webhook subscription via Rest Api not working anymore
- Limit access to groups or individual mailboxes using a service application in Azure Ad
- How to synchronize the two cameras in Android
- get user's activity on chrome app
- How to create a service application for Gear S?
- How to set creator Google calendar event via API v3
- Project Server Application Service missing from Services List
- How to make a service application in Firefox OS?
- Project Server service application missing
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
The daemon app which use the client credential to acquire the access token.
The client credential flow is used to as an authorization grant typically when the client is acting on its own behalf. And it is not able to specify mailboxes that the app can have access.
You can achieve this by implement the business logic in the daemon app.