question

IK-9745 avatar image
0 Votes"
IK-9745 asked StonerockAaron-9064 commented

Sending Encrypted E-mail Programatically with Graph API?

Hello and thanks for any help in advance!

I use Azure Information Protection's (AIP) automated system for encrypting sensitive e-mails. I would like to begin programmatically sending encrypted e-mail using the same system. I've started using the Microsoft Graph API to send e-mails, but don't see an option to encrypt the e-mail in the API's methods. Is this not yet supported by the API? If not, is there any resource supported by Microsoft for developers to send encrypted e-mails en mass using Azure's encryption?

An alternative here is, I know, to programatically control the Outlook app. But the default encryption there appears to use S/MIME and digital IDs. Is there a way to control the outlook app and use AIP encryption on a sent e-mail? Could you please direct me to a resource on this, if so?

Thanks Again!

microsoft-graph-mailazure-information-protection
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

Deva-MSFT avatar image
0 Votes"
Deva-MSFT answered StonerockAaron-9064 commented

Sending encrypted email programmatically with Graph API is not supported at this time; I remember a related thread on this. Being said that, i would suggest you to upvote the existing uservoice or file a new one, if its doesnt suits you - so that it can be considered to be implemented.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for the info. I actually found that user voice and voted for it late yesterday!

I have a related question. My organization implemented some new flow rules so that certain recipients will always receive encrypted emails of the same type we usually send. I was excited about this because I could set this up and then use the graph api to send out the emails securely.

However, these emails don’t result in the same end user experience. Instead of being automatically decrypted, the users are sent an email that asks them to sign in again and offers a link. These e mails look really bad, like a phishing attempt. They look so bad that our Outlook box flags them as high confidence phishing attempts and bounces them directly into quarantine. The emails show up in gmail okay but still...

So are we doing something wrong? Why the extra “security” blanket for emails encrypted this way rather than with the user activated encrypt button we set up in outlook?

Thanks for any input!

0 Votes 0 ·

UserVoice is deprecated and I could not find an item in the replacement portal.
New feedback item was created: https://feedbackportal.microsoft.com/feedback/idea/597459f6-03f7-ec11-a81b-000d3a00c008

0 Votes 0 ·