Hybrid Exchange and new \api virtual directory

We want to secure the \api virtual directory on the on-prem Exchange.
We will use the Graph API to query calendar and other data for all users.
Definitely an admin ID would be involved, with rights on all mailboxes.
The weakest part in security is that \api will be exposed to the internet.
What is the recommended security for it?
A) Allow only O365 IP addresses to hit the \api virtual directory at our edge firewall level?
