How can I fetch emails from shared email address (or inbox) through an app or through Graph API?

Occasional Visitor

I have a registered application in Azure portal which helps in fetching emails from a mail address. The application has all API permissions related to mail set to read and write permissions. The steps I follow to fetch emails are:

  1. I call https://login.microsoft.com/{org-id}/oauth2/v2.0/token with the application client id and client secret to get the refresh token & access token
  2. I use the above tokens to invoke graph API https://graph.microsoft.com/v1.0/me/messages along with filter parameters to fetch emails.

All these above actions are done through a backend service running on NodeJS, and whenever we sent email to that particular mail address (say, email address removed for privacy reasons), the backend service invokes above APIs to return emails from email address removed for privacy reasons.

Now, I have another shared mailbox (say, email address removed for privacy reasons) and I want to use the application to fetch emails from that inbox as well. I already had done few workarounds, but none has worked.

  1. I changed the URL to https://graph.microsoft.com/v1.0/users/{id | shared mailbox address}/messages but I keep getting Access denied error.
  2. I can manually access the shared mailbox over browser but if I try through Graph API Explorer, where my email address is being used to set access token, I get Access denied error.

Note that both email address removed for privacy reasons and my email address has access to this shared mailbox.

Please let me know what else can I do in regard to the solution or configure any specific permissions needed for this.

 

Appreciate any help.

1 Reply
You need to add/consent the required permissions for the user (you can try it out on Graph Explorer by selecting the permissions from "Settings Gear" on left side.) Select Mail.Read.Shared from the list of permissions and consent it. On successful, you can access the shared mailbox and its messages like the following: https://graph.microsoft.com/v1.0/users/{sharedmailboxmailaddress}/messages

Assuming a user token, then you are using delegated permissions. Accessing as an app is a bit different in perms but similar approach. -E-