Getting 403 Unauthorized on Graph API Mail Access (School Project with Consent Given)

Hi VasilMichev,

Thanks again for your help so far.

I’ve configured the delegated Microsoft Graph permissions in my Azure AD app registration (Mail.Read, Mail.Read.Shared, and User.Read) and granted consent, but I’m still getting a 403 Unauthorized response when I try to access mailboxes — both within my own tenant and across external tenants.

Could this be related to Publisher Verification, as described in Microsoft’s documentation?

https://learn.microsoft.com/en-us/entra/identity-platform/publisher-verification-overview

Is there any way to access external tenant mailboxes without Publisher Verification — for example, if the external user explicitly consents, or if specific cross-tenant permissions are configured? Also, could my Microsoft 365 student license be a limiting factor in this scenario?

Any clarification would be greatly appreciated.

Best regards,

Chris