Exchange Online REST API

%3CLINGO-SUB%20id%3D%22lingo-sub-193773%22%20slang%3D%22en-US%22%3EExchange%20Online%20REST%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-193773%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20want%20to%20use%20the%20REST-API%20from%20my%20Exchange%20Online%20account%20to%20edit%20the%20calendar%20entries.%3C%2FP%3E%3CP%3EWhen%20I%20try%20to%20connect%20with%20%22invoke-webrequest%22%20I%20get%20an%20error%20403.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhere%20can%20I%20enable%20the%20API%20for%20my%20account%20in%20Exchange%20Online%20settings%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%2C%3CBR%20%2F%3EMartin%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-193773%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-315063%22%20slang%3D%22en-US%22%3ERe%3A%20Exchange%20Online%20REST%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-315063%22%20slang%3D%22en-US%22%3E%3CP%3ESince%20you%20are%20accessing%20other%20people's%20messages%2C%20you%20need%20the%20relevant%20permissions%20-%20either%20Full%20Access%20permissions%20on%20their%20mailbox%2C%20or%20a%20corresponding%20API-level%20permissions%20via%20the%20app%20you%20are%20getting%20the%20token%20for.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-315012%22%20slang%3D%22en-US%22%3ERe%3A%20Exchange%20Online%20REST%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-315012%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20i%20am%20trying%20to%20access%20a%20functional%20email%20box%20messages%20using%20the%20outlook%20API%202.0%20using%20my%20credentials%20using%20the%20below%20line.%20i%20get%20a%20Forbidden%20403%20error.%20my%20intention%20is%20to%20search%20for%20a%20certain%20subject%20in%20the%20functional%20email%20box%20and%20download%20the%20attachment.%26nbsp%3B%20Pls%20let%20me%20know%20what%20should%20i%20check%20from%20my%20side.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24mail%20%3D%3CBR%20%2F%3EInvoke-RestMethod%20-Headers%20%40%7BAuthorization%20%3D(%22Bearer%20%22%2B%20%24Authorization.access_token)%7D%60%3CBR%20%2F%3E-Uri%20%3CA%20href%3D%22https%3A%2F%2Foutlook.office.com%2Fapi%2Fv2.0%2Fusers%2Fretailoperations%40domain.com%2Fmessages%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Foutlook.office.com%2Fapi%2Fv2.0%2Fusers%2Fretailoperations%40domain.com%2Fmessages%3C%2FA%3E%20%60%3CBR%20%2F%3E-Method%20Get%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20below%20one%20works%20for%20accessing%20my%20email%20inbox.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24mail%20%3D%3CBR%20%2F%3EInvoke-RestMethod%20-Headers%20%40%7BAuthorization%20%3D(%22Bearer%20%22%2B%20%24Authorization.access_token)%7D%60%3CBR%20%2F%3E-Uri%20%3CA%20href%3D%22https%3A%2F%2Foutlook.office.com%2Fapi%2Fv2.0%2Fme%2Fmessages%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Foutlook.office.com%2Fapi%2Fv2.0%2Fme%2Fmessages%3C%2FA%3E%20%60%3CBR%20%2F%3E-Method%20Get%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-194292%22%20slang%3D%22en-US%22%3ERe%3A%20Exchange%20Online%20REST%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-194292%22%20slang%3D%22en-US%22%3E%3CP%3EYou%20cannot%20pass%20credentials%20directly.%20You%20need%20to%20get%20a%20token%20and%20pass%20that%20token%20via%20an%20auth%20header.%20The%20documentation%20on%20that%20is%20here%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Foutlook%2Frest%2Fget-started%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Foutlook%2Frest%2Fget-started%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-194028%22%20slang%3D%22en-US%22%3ERe%3A%20Exchange%20Online%20REST%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-194028%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20tried%20it%20with%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%3Eiwr%20%22https%3A%2F%2Foutlook.office.com%2Fapi%2Fv2.0%2Fme%2Fcalendarview%3FstartDateTime%3D2018-05-01T01%3A00%3A00%26amp%3BendDateTime%3D2018-10-31T23%3A00%3A00%22%20-Credential%20%24(Get-Credential)%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnd%20the%20result%20is%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%3Eiwr%20%3A%20The%20remote%20server%20returned%20an%20error%3A%20(403)%20Forbidden.%3CBR%20%2F%3EAt%20line%3A1%20char%3A1%3CBR%20%2F%3E%2B%20iwr%20%22https%3A%2F%2Foutlook.office.com%2Fapi%2Fv2.0%2Fme%2Fcalendarview%3FstartDateTim%20...%3CBR%20%2F%3E%2B%20~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~%3CBR%20%2F%3E%20%2B%20CategoryInfo%20%3A%20InvalidOperation%3A%20(System.Net.HttpWebRequest%3AHttpWebRequest)%20%5BInvoke-WebRequest%5D%2C%20WebExc%3CBR%20%2F%3E%20eption%3CBR%20%2F%3E%20%2B%20FullyQualifiedErrorId%20%3A%20WebCmdletWebResponseException%2CMicrosoft.PowerShell.Commands.InvokeWebRequestCommand%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%2C%3C%2FP%3E%3CP%3EMartin%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-193996%22%20slang%3D%22en-US%22%3ERe%3A%20Exchange%20Online%20REST%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-193996%22%20slang%3D%22en-US%22%3E%3CP%3EREST%20is%20enabled%20by%20default.%20Are%20you%20providing%20an%20access%20token%20as%20part%20of%20the%20request%3F%20Do%20you%20have%20the%20necessary%20permissions%20to%20access%20the%20endpoint%20you%20are%20trying%20to%20(assuming%20you%20are%20using%20%2Fuser%40domain.com%2Fcontacts)%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hello,

 

I want to use the REST-API from my Exchange Online account to edit the calendar entries.

When I try to connect with "invoke-webrequest" I get an error 403.

 

Where can I enable the API for my account in Exchange Online settings?

 

Regards,
Martin

5 Replies

REST is enabled by default. Are you providing an access token as part of the request? Do you have the necessary permissions to access the endpoint you are trying to (assuming you are using /user@domain.com/contacts)?

Hello,

 

I tried it with:

 

iwr "https://outlook.office.com/api/v2.0/me/calendarview?startDateTime=2018-05-01T01:00:00&endDateTime=2018-10-31T23:00:00" -Credential $(Get-Credential)

 

And the result is:

 

iwr : The remote server returned an error: (403) Forbidden.
At line:1 char:1
+ iwr "https://outlook.office.com/api/v2.0/me/calendarview?startDateTim ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebExc
eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

 

Regards,

Martin

You cannot pass credentials directly. You need to get a token and pass that token via an auth header. The documentation on that is here: https://docs.microsoft.com/en-us/outlook/rest/get-started

Hi i am trying to access a functional email box messages using the outlook API 2.0 using my credentials using the below line. i get a Forbidden 403 error. my intention is to search for a certain subject in the functional email box and download the attachment.  Pls let me know what should i check from my side.

 

$mail =
Invoke-RestMethod -Headers @{Authorization =("Bearer "+ $Authorization.access_token)}`
-Uri https://outlook.office.com/api/v2.0/users/retailoperations@domain.com/messages `
-Method Get

 

The below one works for accessing my email inbox.

 

$mail =
Invoke-RestMethod -Headers @{Authorization =("Bearer "+ $Authorization.access_token)}`
-Uri https://outlook.office.com/api/v2.0/me/messages `
-Method Get

Since you are accessing other people's messages, you need the relevant permissions - either Full Access permissions on their mailbox, or a corresponding API-level permissions via the app you are getting the token for.