does anybody know if it is possible to create an email client app which retrieves mails from a O365 account via MS Graph without registering the app in Azure AD? I think there must be, because how could email apps like the in-built email on the iphone connect to O365 accounts without this? There, I enter my email adress, password and one time (each 90 days) my token which I received via phone (and what I think is cached somewhere?) Any hints or tips are highly appreciated. Thanks in advance.
Asked
Active
Viewed 276 times
1
-
2`MS Graph without registering the app in Azure AD? ` Literally impossible and doesn't make sense unfortunately. Whatever you do within auzre you should have `Azure Ad` token for sure. And for `Microsoft Graph API` also need required permission along with token. So your thought wouldn't come to light. – Md Farid Uddin Kiron Sep 01 '21 at 05:34
-
Is there anything else that you are expecting? Does my reply satisfy your question? – Md Farid Uddin Kiron Sep 01 '21 at 08:07
-
Thanks for your comment. I was just wondering how eMail apps can connect to let's say Google account and to an O365 mailbox without have the Azure App ID. With the token this makes sense, I think they cach it and from time to time you have to enter new. – OliverH Sep 01 '21 at 17:30
1 Answers
0
The client can send some request header showing they are authorized, but if the app (for eg: email app) sends the same request header, it will be rejected unless it's registered.
Thank you Md Farid for the comment, In most cases, Microsoft Graph API also need required permission along with token.
The below document involves manually registering an app with the Azure AD, using OAuth 2.0 On-Behalf-Of flow
https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow
SureshBabu
- 418
- 2
- 9