question

sreekanthgundlapally-5958 avatar image
3 Votes"
sreekanthgundlapally-5958 asked UdiSc-6340 commented

MailboxNotEnabledForRESTAPI - Microsoft Graph API integration with HMA Enabled on-premise server


We had integrated our application with Microsoft Graph API enabling user to access their outlook through our application. The integration works fine with office365 users but having intermittent issues with users in on-premise server.

Initially after enabling HMA in on-premise server the integration started working, but for past two weeks we are facing issue with the integration and receiving error message as below.

 HTTP error: 404
 Error code: MailboxNotEnabledForRESTAPI or MailboxNotSupportedForRESTAPI
 Error message: "REST API is not yet supported for this mailbox."

But we had not made any recent changes to server or Graph API access. Surprisingly, it started to working today as this was sporadic we need assistance in understanding the issue. Any help is greatly appreciated.




Update:

Adding the work flow information of how we have configured Graph API into our web application to get better help.

We have a web application, where user can access his outlook resources by authenticating himself via OAUTH.
Below are the steps followed in our application.

37182-image.png

The above steps works without any issue for O365 users and also it worked for on-premise users as well recently we are getting two errors at different times.

     {
         "error": {
           "code": "ResourceNotFound",
           "message": "Resource could not be discovered.",
           "innerError": {
             "date": "2020-10-30T08:03:20",
            "request-id": "c1f461d7-0757-4a54-a727-58cb0da7fe5d",
         "client-request-id": "c1f461d7-0757-4a54-a727-58cb0da7fe5d"
           }
         }
    }


 HTTP error: 404
 Error code: MailboxNotEnabledForRESTAPI or MailboxNotSupportedForRESTAPI
 Error message: "REST API is not yet supported for this mailbox."

We have noted the below cases.

  1. We have isolated the scenario and used MS Graph explorer with user credentials, able to get through the process. (pass)

  2. We tried Using the access token created with MS Graph explorer, in our web application and we were able to send email without any issues. (pass)

  3. The issue is raising when we are trying to hit the Graph API for on premise user ,using access token created using our web application. (Fail)

MS Grpah Explorer:
The connection is established using https://developer.microsoft.com/en-us/graph/graph-explorer (Probably SPA)

Web Application:
The connection is established using "Authorization" Grant

Q1) We are not sure if the issue is arsing due to the "Authorization" Grant ?
Q2) Is O365 hybrid environment is mandatory or mailbox in on premise is enough ?







office-exchange-hybrid-itpromicrosoft-graph-mail
image.png (45.8 KiB)
image.png (37.4 KiB)
· 7
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

We are running into the exactly same issue. It works on the Graph playground, but it won't work with a token generated by postman (tried every o-auth flow).

Also we cannot find any important difference inside the token. Leftside you can see the token created via postman, right side the token from graph online playground.
39608-graph.png


1 Vote 1 ·
graph.png (153.1 KiB)

(1) Share the Graph API call
(2) Can you share the detailed response logs (with timestamp, requestid, error info) etc? So that we can analyze it

0 Votes 0 ·

Are you still looking for help?

0 Votes 0 ·

@Deva-MSFT - Unfortunately, we could not get the log information and as I mentioned, it started working for the client since couple of days ago without any changes made. If possible , can you provide what could be the possible reasons for this issue?

0 Votes 0 ·

Do you have more than one on-prem server?
Perhaps one of them has no api support (Exchange 2013 / 2016CU2 or lower)

0 Votes 0 ·

@DimitriT-1992 - I am yet to get those answers from the client. I have just updated the question with more details, please check if we can get any better insights from it. Thanks.

0 Votes 0 ·
VivekSatavase-8649 avatar image VivekSatavase-8649 sreekanthgundlapally-5958 ·

@sreekanthgundlapally-5958 - We are also facing the same issue. Our application was working till Nov 2020 with out any problem and suddeny stopped working. Have you found any solution to resolve this ?

0 Votes 0 ·
Deva-MSFT avatar image
0 Votes"
Deva-MSFT answered Deva-MSFT converted comment to answer

Ok, not a problem. I hope you dont have any mailboxes in the on-premise Exchange/O365 hybrid deployment in this scenario. As its working fine now, i think you're good.

Being said that in future if you see an issue, then i would suggest you to get the following info:
- Graph API that you called
- Response logs (Requestid, timestamp, error info etc) for the analysis, so that we can look at it.
- Also i would give a try using MS Graph explorer/POSTMAN and see whether it works for the given account or not. It will help you to isolate the issue out of your application as well.

Hope this helps!!

· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @Deva-MSFT , Thanks for bringing up the work around points to narrow down the issue.

Fyi, the users are having mailbox in on-premise service but still we are facing the issue. I am curious to know if O365 hybrid environment is mandatory or mailbox in on premise is enough?

The issue got surfaced 2 days ago and we were able to get the following log info from client. Can you please provide any insights from it?

 {
    "error": {
      "code": "ResourceNotFound",
      "message": "Resource could not be discovered.",
      "innerError": {
        "date": "2020-10-30T08:03:20",
        "request-id": "c1f461d7-0757-4a54-a727-58cb0da7fe5d",
        "client-request-id": "c1f461d7-0757-4a54-a727-58cb0da7fe5d"
      }
    }
  }



0 Votes 0 ·
Deva-MSFT avatar image Deva-MSFT sreekanthgundlapally-5958 ·

Glad that the above info helped to move ahead, isolate the issue. Let we analyze the above info. How consistently you can repro the issue?

0 Votes 0 ·

@Deva-MSFT - Thanks for your quick responses to resolve this issue.

I have updated the question with full details of how we are trying out Graph API into our application and I have also tried MS Graph Explorer like you directed.
Please check the updated answer.

0 Votes 0 ·
Deva-MSFT avatar image
0 Votes"
Deva-MSFT answered UdiSc-6340 commented

Microsoft Graph API helps you to access to customer mailboxes in the cloud on Exchange Online as part of Microsoft 365. Exchange 2016 Cumulative Update 3 (CU3), released in September 2016 for Exchange on-premises servers, adds support for REST API integration with Microsoft 365. In short, you need to have Exchange Online + Exchange Server 2016 CU3 minimum to use the API - mandatory. Just having on-prem mailboxes won't help. Here's the related documentation talks about the minimum requirement needed as well - https://docs.microsoft.com/en-us/graph/hybrid-rest-support

Hope this helps.

· 10
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Does the above info helped or still you need help?

0 Votes 0 ·

Hi @Deva-MSFT , regarding the On-premises server setup, we are yet to receive the information from client how they have configured it. I will get those details.

We are able to send email when tested through MS Graph Explorer but issue is arising when using through our web application.

can you please clarify whether the authorization code flow we have used in the application could possibly cause this issue?

0 Votes 0 ·
Deva-MSFT avatar image Deva-MSFT sreekanthgundlapally-5958 ·

If its working with your MS Graph explorer and if its not working with your web application, then see how you implemented, validate the token/scopes/permissions, handle exception, implement proper telemetry. In addition, I would try do the same using POSTMAN and see if it works (with the same code flow) that you're using. It will help you to isolate the issue out of your code.

0 Votes 0 ·

Hi @Deva-MSFT, we're seeing the exact same issue. Getting 404 "REST API is not yet supported for this mailbox." when sending graph api requests for on premise mailboxes.
Using Graph Explorer it works fine, but on our own application, and using Postman, it returns 404 (used this collection: https://docs.microsoft.com/en-us/graph/use-postman))
The thing is, this worked fine for a few days and then suddenly stopped.

Using the token generated by Graph Explorer, the API requests work as expected in other clients too.
I compared the tokens using https://jwt.ms, and the scopes are the same.

1) Any ideas? I understand this is in preview, but has the behavior changed on Microsoft's side, and how come it works using Graph Explorer?
2) The Exchange server was installed using a hybrid license. Does it have any expiration period?

5 Votes 5 ·
Show more comments