Can't access shared mailbox through API even after granting permissions

Copper Contributor



As the title said, I am unable to access a shared mailbox using Graph API 1.0 even after granting the right permissions. I want to know what I'm missing here.

The user can see its own emails, but calling the shared mailbox results in this error: Access to OData is disabled.


1) We have setup the following permissions, as of yesterday.








2) Those permissions are given to all the members of our AD group. The shared mailboxes were not part of this AD group at first, but we also added them to the security group today, with no difference in the outcome.


3) This is the URL we're calling

(any other endpoint gives the same result)

but this one works and returns the user's own emails:


4) I am able to see the shared mailbox in the Outlook desktop app and on office 365 online app as well.


What are we missing?


*edit: this forum automatically removed the fake email addresses I wrote for understanding so I put them back.

1 Reply
The "Access to OData is disabled." message signals that an application access policy is configured, restricting API access to the mailbox. Work with the Exchange admin to lift the restrictions or whitelist your app. More details here: