MailboxNotEnabledForRESTAPI - Microsoft Graph API integration with HMA Enabled on-premise server

Question

We had integrated our application with Microsoft Graph API enabling user to access their outlook through our application. The integration works fine with office365 users but having intermittent issues with users in on-premise server.

Initially after enabling HMA in on-premise server the integration started working, but for past two weeks we are facing issue with the integration and receiving error message as below.

HTTP error: 404
Error code: MailboxNotEnabledForRESTAPI or MailboxNotSupportedForRESTAPI
Error message: "REST API is not yet supported for this mailbox."

But we had not made any recent changes to server or Graph API access. Surprisingly, it started to working today as this was sporadic we need assistance in understanding the issue. Any help is greatly appreciated.

Update: We started seeing the error again early today and we have captured the following log information.

{
    "error": {
    "code": "ResourceNotFound",
    "message": "Resource could not be discovered.",
    "innerError": {
      "date": "2020-10-30T08:03:20",
      "request-id": "c1f461d7-0757-4a54-a727-58cb0da7fe5d",
      "client-request-id": "c1f461d7-0757-4a54-a727-58cb0da7fe5d"
    }
  }
}

(1) Share the Graph API call which you're calling (2) Can you share the detailed response logs (with timestamp, requestid, error info) etc? (3) Using Microsoft Graph Explorer/POSTMAN, can you try to see if you can repro the above issue or not — Dev, Oct 22 '20 at 16:11
Yes, still trying to find a solution. Will add more details tomorrow. — Sreekanth, Oct 26 '20 at 14:02
@Dev - Unfortunately, we could not get the logs and as I mentioned it started working for the client since couple of days ago without any changes made. If possible , can you provide what could be the possible reasons for this issue? — Sreekanth, Oct 27 '20 at 07:12
(1) If you had the logs/timestamp & requestid then using that we can tell what might have happened. It's pretty much needed. (2) Check at your end if you did any code changes or configuration/settings at Exchange on your end (3) In addition to this, still you consider filing support ticket with Microsoft to get further assistance. — Dev, Oct 27 '20 at 10:15
We stuck on exactlty the same issue, after HMA setup -> everything works fine for a few days. Then we get reciving the same message(MailboxNotEnabledForRESTAPI). The strange thing: On the Graph Playground it works ! When I use the token from Graph Playground also works in postman or in my application. Any Idea ? GraphPlayground: https://developer.microsoft.com/en-us/graph/graph-explorer — Cyril Iselin, Nov 04 '20 at 08:03
@cyril - I would validate the token that you're using in postman, custom application against the one you got from Microsoft Graph explorer.. check what's the difference between them. — Dev, Nov 12 '20 at 10:24
@Dev Thanks for your reply. I validated the token and I can't find any difference. Also I tried to obtain the token via postman (every flow tried :-)) with the same result. When I create a token (even with postman) I recive for some requests "MailboxNotEnabledForRESTAPI" but with the token generated from graph online it works. — Cyril Iselin, Nov 12 '20 at 12:14

Cyril Iselin · Answer 1 · 2020-11-12T12:42:39.227

2

This post is not an answer :-(, but should provide more details because we are running into the same issue.

To isolate the problem, we only using postman. We are not able to create a "working token" with postman. We tried like every possible O-Auth flow :-). When we use the token generated by "Graph Playground" requests are working.

What means "working token":

Request to: https://graph.microsoft.com/v1.0/me -> GP works | PM works

Request to: https://graph.microsoft.com/v1.0/me/calendar -> GP works | PM don't work

Request to: https://graph.microsoft.com/v1.0/me/contacts > GP works | PM don't work

.....

(GP = Graph Playground // PM = Postman)

Token

On the left side we see the token created via postman. On the right side we see the token from Graph online. I can't find an important difference, you can ? :-)

edited Nov 12 '20 at 12:42

answered Nov 12 '20 at 12:36

Cyril Iselin

596
4
20

1

Thanks @cyril. In short you're telling it's working (that's a good news to hear; also it's telling that there is no issue with Graph API), but not with POSTMAN or with your application (which you may need to see what other differences you're having; also consider testing with delegated permissions) to see if you can able to figure it out. If not, consider filing a support ticket with Microsoft and whether they can help on this. – Dev Nov 12 '20 at 15:36
Thanks @Dev for your reply. With "delegated permissions", you mean that I loggin in behalf of a user? (we do this allready, we don't have a "service user"). I created a support ticket inside the azure portal, but it seems I need another support plan ;) (...) – Cyril Iselin Nov 13 '20 at 07:33
Interesting @Cyril. just make sure whether the same API call worked for your earlier with the same mailbox (in the same hybrid environment & now the same API call returns the above error), correct? – Dev Nov 13 '20 at 15:15
@Dev Correct. When we setted up the enviroment it worked for some days (...). It makes me crazy :) – Cyril Iselin Nov 13 '20 at 15:19
@CyrilIselin - I am curious to know if you found any work around for this issue. I have been trying to get this resolved, any insights are greatly helpful. – Sreekanth Nov 20 '20 at 04:36
@Sreekanth looks like we are in the same position :-) I created my own thread here: https://stackoverflow.com/questions/64911426/graph-api-calls-to-onpremise-exchange-only-works-in-playground, I will spend a big bounty in a day :-). You can help me and upvote the question there. Also I have a call with MS, if any news, I will post it there. ( I can't spend bounty on foreign threads :() – Cyril Iselin Nov 20 '20 at 08:36
@CyrilIselin, Good to hear. I will be keeping an eye and do my part. Our team is communicating with MS but no traction, MS is making us go in circles and create tickets everywhere. Hoping to see the solution. :) – Sreekanth Nov 20 '20 at 10:56
Sreekanth nice to hear we have the same case. Now the want to say me, I need a Office Support licence, because it's office related (??!!!). I created a own thread with bounty here: https://stackoverflow.com/questions/64911426/graph-api-calls-to-onpremise-exchange-only-works-in-playground – Cyril Iselin Nov 25 '20 at 17:44

MailboxNotEnabledForRESTAPI - Microsoft Graph API integration with HMA Enabled on-premise server

1 Answers1

Linked