使用 Microsoft graph API 工作帐户发送电子邮件 [英] Sending email with Microsoft graph API work account

问题描述

有谁知道如何通过没有登录用户运行的应用请求使用 Graph API 发送电子邮件的权限?

Does anyone know how to request permission to send emails using Graph API by an app that runs without a signed-in user?

我有一个有权使用 Microsoft Graph 发送电子邮件的 Azure WebApp.在 Azure 门户(Azure Active Directory -> 应用注册 -> MyApp - API 权限)中，我的应用已授予 Mail.Send 的权限(类型:应用程序:描述:以任何用户身份发送邮件).

I have an Azure WebApp with permission to send email using Microsoft Graph. In the Azure portal (Azure Active Directory -> App registrations -> MyApp - API permissions), my app has granted permission for Mail.Send( Type: Application : Description: Send mail as any user ).

在下一步中，我将邀请我单位的用户.在 Azure Ad 中，用户类型是来宾.我在该帐户上收到一封电子邮件以接受邀请.我可以通过 Microsoft 登录页面使用该帐户登录，但该帐户由我的组织管理 - 它不是我创建的帐户.

In the next step, I’m inviting a user from my organization. In Azure Ad the user type is Guest. I receive an email on that account to accept the invitation. I can log in with that account through the Microsoft login page but the account is managed by my organization – it is not an account created by me.

在 MS Graph explorer 中使用该帐户我可以发送电子邮件，但我想在未登录的情况下从我的应用程序中执行相同操作.目的是仅使用此帐户发送电子邮件.

Using that account with MS Graph explorer I’m able to send an email, but I want to do the same from my application without been logged in. The purpose is to use this account only for sending emails.

我能够获取访问令牌、使用 API 并获取用户基本信息，但是当我尝试发送电子邮件时出现异常:

I was able to get the access token, use the API and get user basic info, but I get an exception when I'm trying to send an email:

代码:ResourceNotFound

Code: ResourceNotFound

消息:无法发现资源.

// get token
var authContext =
    new AuthenticationContext("https://login.microsoftonline.com/" + tenantID);

var result = await authContext
    .AcquireTokenAsync("https://graph.microsoft.com", new ClientCredential(clientId, secret));

// create graph service
GraphServiceClient graphServiceClientApp =
    new GraphServiceClient("https://graph.microsoft.com/v1.0",
        new DelegateAuthenticationProvider(
            async(requestMessage) =>
            {
                requestMessage.Headers.Authorization =
                    new AuthenticationHeaderValue("bearer", result.AccessToken);
            }));

// create message obj
//.....

// send email
await graphServiceClientApp.Users["f5521fbc-481e-4e90-9166-33a64eb8f7e9"]
    .SendMail(message, false)
    .Request()
    .PostAsync();

f5521fbc-481e-4e90-9166-33a64eb8f7e9 等用户 ID 取自 azure 门户，在用户详细信息中有一个 Object ID 字段

The user ID like f5521fbc-481e-4e90-9166-33a64eb8f7e9 is taken from azure portal, in user details there is a Object ID field

推荐答案

当作为用户发送邮件时，用户需要有一个与之关联的邮箱.

When sending an email as a user, the user needs to have a mailbox associated with them.

没有包含 Exchange Online 的许可证的用户以及外部用户(例如受邀用户)通常在租户中没有邮箱，因此将无法发送电子邮件.

Users without a license that includes Exchange Online, as well as external users (e.g. invited users) will generally not have a mailbox in the tenant, and thus would be unable to send emails.

这篇关于使用 Microsoft graph API 工作帐户发送电子邮件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！