I am looking into possibility to create or delete email aliases for user emails in Office 365 through EWS Managed API.
It can be easily done through UI: https://support.office.com/en-sg/article/Add-an-email-alias-to-a-user-account-cd25a91a-eb1a-4ed7-be94-5517fb5113c2, but unfortunately, I haven't found any methods in Exchange Web Services API to do this.
Does anyone know if it's possible?
EWS does not support manipulating the user. You would want to investigate using Remote Powershell and the mailbox-related cmdlets.
Related
How do third party mailapps like samsung email and many others get access to exchange data without being registred as a application in the azure ad?
Every guide about exchange authentification (OAuth) i found online had the requirement to register your application in the azure active directory before it can be used to read mails etc. But if that's the case, how do widespreaded mailapps like samsung deal with this problem? They are never listed as an registerted application, yet they have full access on your mails, calendar etc. In real-time too.
I try to solve this with an app that is written in c# using the .net framework. I dont know if that is already a problem in that regard.
How do third party mailapps like samsung email and many others get
access to exchange data without being registered as a application in
the azure ad?
Samsung have their own Azure Application registration that must be consented to its generally done once by the tenant admin.
There is a good reason for the consent framework to allow both control of what applications can access data but also to allow for the correct auditing of the access. If you want to know what App registration a particular mail client is using just look at the Azure Signin logs. Another recent case was around this Apple's mail app see https://practical365.com/microsoft-auto-update-apple-mail-app-profiles/
I create a unified group using the graph api through a queue-triggered azure function (C#). When created, I want to tag some information on custom attributes and do other exchange-related stuff like hide from GAL. How is this best done?
I have tried using yet another queue-triggered function in order to connect to exchange online with powershell, although I have a hard time getting the credentials right having only clientid, secret and certificate thumbprint in the functions configuration. To run exchange online commandlets it seems like you have to go with actual user credentials (username, password).
I have also explored the possibilities of doing this kind of settings directly from the graph API but it seems limited in this case.
I got this working by using an Azure Automation runbook triggered by a webhook.
So after creating the unified group through graph api, a http-call is made to trigger the runbook. The runbook is then utilizing Exchange powershell module to alter group settings.
My organization currently uses Office365, and I am creating a Universal Windows Platform app that essentially needs to access the calendars of multiple accounts within the organization. I am currently using the Office365 Rest API, and already can successfully query a single account's calendar data, after getting an OAuth2.0 access token for a particular user.
After searching through multiple resources and existing Stackoverflow questions, I have tried the following with no luck to get multiple user account calendars without having to sign in to each account individually:
Performing a GET request with the graph API from Microsoft Graph API
Performing a GET request using navigation paths to users calendars using this method and other variations. (Returns 403 access denied error)
I also found a possible solution by using EWS Managed API, but I was unsure of its compatibility with UWP and our current Office 365 setup.
Lastly, I looked into building daemon or service apps, but this method seemed really unnecessary and possibly impossible with the current configuration of Azure. It requires asymmetric key crypt. set up within the system, and re-configuring the app as a whole within Azure.
Any help is appreciated.
[EDIT]: FYI all of the calendars have been made public, and can be viewed in the web client of Outlook.
I found to what I think is the only solution with today's version of UWP and the Office365 REST Api.
First I started up a different application that was compatible with the EWS Managed API and made a query to the Microsoft Exchange server that my organization is using. I tracked this request using Fiddler, the http debugger, to view the actual request and response. This way, I could find the exact endpoint of my exchange server.
Then, I navigated to the exchange service's URL in my browser, and saved the service's WSDL file, and imported it as a service reference to my UWP solution.
Finally, I set up a Httpclient, and generated a request to match all of the properties of the request made from the successful EWS Managed API call that I tracked in Fiddler.
I want to get an access to Calendar rest API. I've created azure multi-tenant app, and configured it.
I'm trying to get an access token to resource "https://outlook.office365.com/", but I get an error
'AADSTS50001: Resource 'https://outlook.office365.com/' is disabled.'
Note: I couldn't find "Office 365 Exchange Online" inside "Permissions to other applications" section inside azure account.
Your help please.
You won't see Exchange in your Azure account unless you have an Office 365 subscription that includes Exchange. It sounds like you're registering in https://manage.windowsazure.com? You might want to try registering your app in https://apps.dev.microsoft.com and using the v2 Azure auth flow. Big benefit is you can register apps with just a Microsoft account (like outlook.com, etc) See https://dev.outlook.com/RestGettingStarted for walkthroughs.
Really getting frustrated at this. My company is using Outlook 365 for its Exchange services. I am trying to automate sending of exception emails from the client via exchange. However all of the literature on the subject seems to show that I have to provide a NetworkCredential with plain text username/passwords somehow. I am hoping to connect using the logged in user's account.
From an infrastructure point of view, I understand that Office 365 is authenticating users via ADFS, which is why bog standard negotiate is not working. It would also make sense that this is why I need the plain text password. However it would seem to me that there should be no reason why Kerberos style auth would not work.
In summary, is there some programmatic way to send emails via Outlook 365 without encoding privileged information into the application either the source or the config?
Thanks
Generally, if you can login to the Office 365 Live with Internet Explorer without providing username\password than you should be able to get the NetworkCredintials for the currently logged in user with CredentialCache.DefaultCredentials.