Forum Discussion
How can we allow a user to send email from a page within our multi-tenant web app?
HI, we have a custom web application that is multi-tenant. What's the best way to allow a user to grant permission to our application to send emails on their behalf? We treked down the path of using an
Office365Context javascript client and using their client id and tenant id via
https://login.microsoftonline.com but that seems to require us to have each client set up a link to our app in Azure and specify callback url's, etc, it's a length process.
Is there a better, quicker and easier way for our clients to grant us permission on the fly to do this?
1 Reply
- This is a way to allow a user to grant permission to your application to send emails on their behalf is to use the Microsoft Graph API. The Microsoft Graph API is a unified endpoint for accessing data and services across Microsoft 365, including Outlook, OneDrive, SharePoint, Teams, and more. You can use the Microsoft Graph API to send mail from another user using the Outlook mail API1.
To use the Microsoft Graph API, you need to register your application in Azure Active Directory (Azure AD) and request the appropriate permissions. You can use either the delegated permissions or the application permissions to send mail on behalf of a user. The delegated permissions require the user to sign in and consent to the permissions requested by your application. The application permissions require an administrator to consent on behalf of all users in the tenant.
You can use the Microsoft identity platform to authenticate your application and acquire an access token to call the Microsoft Graph API. You can use various authentication flows depending on your application type and scenario. For example, you can use the authorization code flow for web applications, the implicit grant flow for single-page applications, or the client credentials flow for daemon or service applications.
