question

HarrisonEssig-5275 avatar image
0 Votes"
HarrisonEssig-5275 asked frankcarius answered

Restrict Application Permissions to a Single User without Sign-in

I am building a daemon application running on a server that uses the Microsoft graph API to access a user's mailbox.

The app authenticates without a user using a client secret and token.
https://docs.microsoft.com/en-us/graph/auth-v2-service


When granting my application permission to access mailboxes, I had to grant read/write access to every user in the active directory, when I really only need a single user.

Is there a way to restrict the application permissions to a single user without having a user sign in?


azure-ad-authentication
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi, do you still require assistance? If not, please mark the answer as verified.

Thank you,
James

0 Votes 0 ·
alfredorevilla-msft avatar image
0 Votes"
alfredorevilla-msft answered

Hello @harrisonessig-5275. That's currently not possible but you can implement such security logic in your application.

Let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

frankcarius avatar image
0 Votes"
frankcarius answered

Maybe i'm late. but have a look at

Scoping application permissions to specific Exchange Online mailboxes
https://docs.microsoft.com/en-us/graph/auth-limit-mailbox-access

New-ApplicationAccessPolicy
https://docs.microsoft.com/de-de/powershell/module/exchange/new-applicationaccesspolicy?view=exchange-ps


Frank

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.