Forum Discussion

habeebbm's avatar
habeebbm
Copper Contributor
Apr 12, 2023

Granting access to App for Exchange Mail Trace - Least restrictive

Granting access to App for Exchange Mail Trace - Least restrictive

 

===================

We need to grant access via Oauth for an App to reach Email trace on Exchange Online

The management role for this is "message tracking" /Messagehygiene

 

The app doesn't have a service principal so we are not able to add it via Exchange Powershell New-ManagementRoleAssignment

 

Note - We do not want to grant Global reader access as this is a 3rd party managed App.

 

Reference Article - Role Based Access Control for Applications in Exchange Online (Preview) | Microsoft Learn

 

Any help is appreciated.

 

Resources