MailboxNotEnabledForRESTAPI - Microsoft Graph API integration with HMA Enabled on-premise server

sreekanth gundlapally 16 Reputation points
2020-10-21T13:55:18.183+00:00

We had integrated our application with Microsoft Graph API enabling user to access their outlook through our application. The integration works fine with office365 users but having intermittent issues with users in on-premise server.

Initially after enabling HMA in on-premise server the integration started working, but for past two weeks we are facing issue with the integration and receiving error message as below.

HTTP error: 404
Error code: MailboxNotEnabledForRESTAPI or MailboxNotSupportedForRESTAPI
Error message: "REST API is not yet supported for this mailbox."

But we had not made any recent changes to server or Graph API access. Surprisingly, it started to working today as this was sporadic we need assistance in understanding the issue. Any help is greatly appreciated.

Update:

Adding the work flow information of how we have configured Graph API into our web application to get better help.

We have a web application, where user can access his outlook resources by authenticating himself via OAUTH.
Below are the steps followed in our application.

37182-image.png

The above steps works without any issue for O365 users and also it worked for on-premise users as well recently we are getting two errors at different times.

    {
        "error": {
          "code": "ResourceNotFound",
          "message": "Resource could not be discovered.",
          "innerError": {
            "date": "2020-10-30T08:03:20",
           "request-id": "c1f461d7-0757-4a54-a727-58cb0da7fe5d",
        "client-request-id": "c1f461d7-0757-4a54-a727-58cb0da7fe5d"
          }
        }
   }


HTTP error: 404
Error code: MailboxNotEnabledForRESTAPI or MailboxNotSupportedForRESTAPI
Error message: "REST API is not yet supported for this mailbox."

We have noted the below cases.

  1. We have isolated the scenario and used MS Graph explorer with user credentials, able to get through the process. (pass)
  2. We tried Using the access token created with MS Graph explorer, in our web application and we were able to send email without any issues. (pass)
  3. The issue is raising when we are trying to hit the Graph API for on premise user ,using access token created using our web application. (Fail)

MS Grpah Explorer:

The connection is established using https://developer.microsoft.com/en-us/graph/graph-explorer (Probably SPA)

Web Application:

The connection is established using "Authorization" Grant

Q1) We are not sure if the issue is arsing due to the "Authorization" Grant ?
Q2) Is O365 hybrid environment is mandatory or mailbox in on premise is enough ?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,299 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,836 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Deva-MSFT 2,256 Reputation points Microsoft Employee
    2020-10-31T18:19:35.26+00:00

    Ok, not a problem. I hope you dont have any mailboxes in the on-premise Exchange/O365 hybrid deployment in this scenario. As its working fine now, i think you're good.

    Being said that in future if you see an issue, then i would suggest you to get the following info:

    • Graph API that you called
    • Response logs (Requestid, timestamp, error info etc) for the analysis, so that we can look at it.
    • Also i would give a try using MS Graph explorer/POSTMAN and see whether it works for the given account or not. It will help you to isolate the issue out of your application as well.

    Hope this helps!!


  2. Deva-MSFT 2,256 Reputation points Microsoft Employee
    2020-11-03T12:58:48.453+00:00

    Microsoft Graph API helps you to access to customer mailboxes in the cloud on Exchange Online as part of Microsoft 365. Exchange 2016 Cumulative Update 3 (CU3), released in September 2016 for Exchange on-premises servers, adds support for REST API integration with Microsoft 365. In short, you need to have Exchange Online + Exchange Server 2016 CU3 minimum to use the API - mandatory. Just having on-prem mailboxes won't help. Here's the related documentation talks about the minimum requirement needed as well - https://learn.microsoft.com/en-us/graph/hybrid-rest-support

    Hope this helps.