How can I send mail in office 365 REST API? - exchange-server

I've found the following documentation on how to send email using Office 365 rest API.
This is the example given on the doucmentation:
POST https://outlook.office.com/api/v2.0/me/sendmail
{
"Message": {
"Subject": "Meet for lunch?",
"Body": {
"ContentType": "Text",
"Content": "The new cafeteria is open."
},
"ToRecipients": [
{
"EmailAddress": {
"Address": "garthf#a830edad9050849NDA1.onmicrosoft.com"
}
}
],
"Attachments": [
{
"#odata.type": "#Microsoft.OutlookServices.FileAttachment",
"Name": "menu.txt",
"ContentBytes": "bWFjIGFuZCBjaGVlc2UgdG9kYXk="
}
]
},
"SaveToSentItems": "false"
}
This works fine if the user authorizes the application to act on it's behalf. However, I am using client crednetial to build a daemon application that acts on behalf of all users in the given tenant hence "POST https://outlook.office.com/api/v2.0/me/sendmail" couldn't work because its is referencing the "me" and can't tell which user is sending the email.
I would appericiate if you can help with sample example. FYI: I am using Java but your answer doesn't have to be in Java.

Replace the /me bit of the URL with /users/<userid>. You can not use /me for any API call with a token from client credentials.

Related

403 Forbidden on Microsoft Teams RSC graph api calls, except on own tenant

I'm working on a Microsoft Teams tab and am planning to use some of the new RSC endpoints to retrieve members of the Team/group the app has been added to.
I have followed all steps from the RSC docs looked at the RSC sample code but still have an issue making Graph API calls to the beta rsc endpoints.
I have listed the RSC permission in the Teams manifest:
"webApplicationInfo": {
"id": "{AD_APP_CLIENT_ID}",
"resource": "https://notapplicable"
},
"showLoadingIndicator": true,
"authorization": {
"permissions": {
"orgWide": [],
"resourceSpecific": [
{
"name": "Member.Read.Group",
"type": "Application"
},
{
"name": "TeamSettings.Read.Group",
"type": "Application"
},
{
"name": "ChatSettings.Read.Chat",
"type": "Application"
},
{
"name": "ChatMember.Read.Chat",
"type": "Application"
},
{
"name": "ChannelSettings.Read.Group",
"type": "Application"
},
{
"name": "TeamMember.Read.Group",
"type": "Application"
}
]
}
}
Query Graph API like so:
GET https://graph.microsoft.com/beta/teams/{{group_id}}/channels/{{channel_id}}
Authorization: Bearer {{access_token}}
content-type: application/json
Where access_token is retrieved like so:
POST https://login.microsoftonline.com/{{ad_tenant_id}}/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&client_id={{ad_app_client_id}}&client_secret={{ad_app_client_secret}}&scope=https://graph.microsoft.com/.default
When I make the GET request to a group+channel which is in the same AAD as where the AAD Application is registered it works fine and information is returned. However, when I run the exact same code on a group+channel which is in a different AD it returns 403 Forbidden.
{
"error": {
"code": "Forbidden",
"message": "Missing role permissions on the request. API requires one of 'TeamMember.Read.All, TeamMember.ReadWrite.All, Group.Read.All, Group.ReadWrite.All, TeamMember.Read.Group, Member.Read.Group'. Roles on the request 'Group.Selected'. Resource specific consent grants on the request ''.",
"innerError": {
"date": "2022-04-06T14:13:26",
"request-id": "ce212ed2-48dc-4a8e-a7ea-4172d0cfd4c4",
"client-request-id": "ce212ed2-48dc-4a8e-a7ea-4172d0cfd4c4"
}
}
}
The response mentions "Resource specific consent grants on the request ''." which seems to suggest it's either missing a header or another access token.
As mentioned before, this exact same code works perfectly fine when I use a group_id and channel_id from within the same AD tenant.
What other steps need to be done to get RSC calls working?

Create MSTeams Personal chat with customized name

We are trying the following payload using MSTeams Bot access Token to create the Personel chat Room with the provided topicName.
Request : POST /v3/conversations
{
"bot": {
"id": "28:XXXXXXXX-a2Xe-460b-8793-XXXXXXXXXXXX",
"name": "XXXXXXXX"
},
"isGroup": false,
"members": [
{
"id": "29:18KXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"name": "Jane"
}
],
"topicName": "News",
"tenantId": "XXXXXX-XXXX-XXX-829b-5131e9a77XXX"
}
In response we got the resource id and we can post Bot message using that Id. But that message is always shown in the Personal Chat \room and it is not creating c chat with the topicName.
Is there any other permissions we need to add ?
To create a chat with customized name you should have minimum 3 participants[Including you]. In the above request only one user is there, that is why it becomes one-one personal chat between you and Jane.

Teams is not displaying my unfurl response

I have a Teams integration with link unfurling set up. I have the messaging endpoint pointed to a public ngrok URL and ngrok proxying a local node.js server that returns the example payload Microsoft has in it's documentation.
This is my endpoint (express.js):
app.post('/bot-test', (req, res) => {
res.send({
"composeExtension": {
"type": "result",
"attachmentLayout": "list",
"attachments": [
{
"contentType": "application/vnd.microsoft.teams.card.o365connector",
"content": {
"sections": [
{
"activityTitle": "[85069]: Create a cool app",
"activityImage": "https://placekitten.com/200/200"
},
{
"title": "Details",
"facts": [
{
"name": "Assigned to:",
"value": "[Larry Brown](mailto:larryb#example.com)"
},
{
"name": "State:",
"value": "Active"
}
]
}
]
}
}
]
}
});
});
When I post a URL in a message in Teams, I see it POST to that endpoint and it responds without errors, but nothing shows up in Teams. What's going wrong? I can't find any logs on Microsoft's side either. I would expect that Teams renders a card with the response payload.
Office 365 Connector cards are not supported for link unfurls ("Message extension previews" in MS parlance). Changing the response to a supported card type worked. Unfortunately, MS doesn't surface this problem anywhere and it just silently discards the response. I was able to find a somewhat useful error description by inspecting the network request that went out from the Teams web client, however.
See this for supported card types: https://learn.microsoft.com/en-us/microsoftteams/platform/task-modules-and-cards/cards/cards-reference

Outlook REST API - Send As

I am currently using the Outlook REST API to send email. This is working fine when sending from a user mailbox such as:
https://outlook.office.com/api/v2.0/users/user#domain.com/sendMail
'user#domain.com' is the UPN of a valid user account in Azure AD.
What I need to do is 'send as' a shared mailbox. According to the documentation this can be achieved by changing the 'From' property in the JSON request body. An example would be:
{
"Message": {
"Subject": "Email Unit Test",
"Body": {
"ContentType": "HTML",
"Content": "Message body"
},
"ToRecipients": [
{
"EmailAddress": {
"Address": "recipient#somehost.com"
}
}
],
"Attachments": [
],
"From": {
"EmailAddress": {
"Address": "shared_mailbox#domain.com"
}
},
"Sender": {
"EmailAddress": {
"Address": "user#domain.com"
}
}
},
"SaveToSentItems": "false"
}
Now, when I give user#domain.com 'Send As' and 'Send On Behalf Of' access to the shared mailbox this works. The recipient gets an email with the from field saying 'user#domain.com On Behalf Of shared_mailbox#domain.com'. What I want however is for the email to appear as being sent from shared_mailbox only without the on behalf of user. To test this out further I removed the 'Send On Behalf Of' access and left 'Send As' access only. In the API I now get an error:
{
"error": {
"code": "ErrorSendAsDenied",
"message": "The user account which was used to submit this request does not have the right to send mail on behalf of the specified sending account., Cannot submit message."
}
}
Interestingly though, in my Outlook client I can still send an email from the shared mailbox and it works as expected with no 'on behalf of' in the From field. I'm starting to wonder whether this is a limitation of the REST API however there is nothing in the Microsoft docs to suggest this.
Has anyone had similar experiences with the REST API?
I tried to do the same thing and it seems the REST API allows you to implement "send on behalf of" but not "send as" feature.

Bot framework direct line using POST with JSON data

I now use bot framework with Azure functions.
it now works when the user sends his message its writes it to queue storage then picked up by Azure function and sends it back to the bot with direct line build in Azure function connector.
I want to change the functionality to LogicAppp and return the answer to the user with direct-line with http rest.
I have a key and have a json input that the function got like this:
{
"relatesTo": {
"user": {
"id": "default-user",
"name": "User"
},
"bot": {
"id": "b5023440-b1ce-11e8-9ad8-f5b615a4c6c3",
"name": "Bot"
},
"conversation": {
"id": "33cd0410-bf46-11e8-a228-a5c7cd21a798|livechat"
},
"channelId": "emulator",
"serviceUrl": "https://0a87dff1.ngrok.io"
},
"text": "example",
"isTrustedServiceUrl": true
}
I try to answer the chat using
https://directline.botframework.com/v3/directline/conversations/{conversationId}/activitie
I can't make it work, the conversation id looks different, it's like a guid instead of an id.
how can help me with the right POST syntax from the json provided?

Resources