Is there any way to read mails from group email id or is there any way to read emails without graph api?
And also is there any way to restrict graph api token to read only from desired email account?
You should use GET /users/{id of group email}/mailFolders/{id}/messages to read mails from group email id.
See reference here.
If you want to restrict graph api token to read only from desired email account, you should implement Get access on behalf of a user. Then you will be able to access the signed-in user's email only.
To answer your first question, the following call will get you the emails in a group mailbox.
GET https://graph.microsoft.com/v1.0/groups/{group-id}/conversations
Can you ask your second question in a new post as it is not related to the first? Make sure you provide information about what you are doing. What auth flow are you using?
Related
I need to create an application that sends emails by MS Graph but also I need somehow restrict it for few mailboxes who will sending email (e.x. avoid send mail as ceo). Before I used just Sytem.Net.Mail and because basic authentication is now deprecation I must find new way to sending mails.
So I registered new application AAD, I added API permission for MS Graph Mail.Send (application type). Now I want to add restricting for that Graph API (I want to limit who can send a message from this API.
I found that I must use New-ApplicationAccessPolicy cmdlet, but before that I created Mail-enabled security group.
Then via PowerSell I addes new policy:
New-ApplicationAccessPolicy -AppId "9e48a326-a952-42ca-882f-ff1eec699ba7" -PolicyScopeGroupId "SMTPOAuth2SecurityGroup#consto.onmicrosoft.com" -AccessRight RestrictAccess -Description "SMTP OAuth2 Connector"
Then I added two accounts AlexW and DiegoS - both are from Microsoft 365 Developer Program, so both were not modify by me in any way:
Test-ApplicationAccessPolicy -Identity "AlexW#consto.onmicrosoft.com" -AppId
"9e48a326-a952-42ca-882f-ff1eec699ba7"
AppId : 9e48a326-a952-42ca-882f-ff1eec699ba7
Mailbox : AlexW
AccessCheckResult : Granted
Test-ApplicationAccessPolicy -Identity "DiegoS#consto.onmicrosoft.com" -AppId "9e48a326-a952-42ca-882f-ff1eec699ba7"
AppId : 9e48a326-a952-42ca-882f-ff1eec699ba7
Mailbox : DiegoS
AccessCheckResult : Granted
But now I test my application. AlexW can send mail but for DiegoS (or random person) I got erorr:
DiegoS#consto.onmicrosoft.com:Code: ErrorAccessDenied Message: Access
to OData is disabled. ClientRequestId:
909c72f7-02b7-4697-afd5-3d65a58d47a5
I try to remove and again add, wait some time and still the same problem.
So, I need to create an application that sends emails by MS Graph but aslo I need somehow restrict
According to your description, I captured these key words: use graph api to send email, allow specific user to send email, api permisssion with application type. Then let's see the necessary parameter to send an email: sender, content, receiver.
Per my understanding, since you used application type permission, then you want to use client credential flow to generate access token and calling graph api to send the email, so you have to create an azure ad application(done), then you need to specify the sender(set restriction so that only AlexW and DiegoS can do it). Receivers and content are based on the requirement so we don't need to take them into consideration.
Here's a code snippet to send email via ms graph api. The only point we need to consider is how to set the sender user principle now.
Then here're 2 scenarios. If you need to ask users to sign in first then they can send email? Or what you created is just an API so that you only need to receive a parameter(e.g. parameter is the user principle used to send email) then use it to send email?
If you want to integrate the authentication then you can restrict users to access your app, then Azure ad already provided the feature to allow specific users to sign in then the ones who are allowed to sign in can send email, since they already signed in, we can certainly get the user principle.
If you just want to provide a web api, then you may store the users who are allowed to access your api into the database to so that you can check if the incoming request is legal...
I need to integrate Instagram API to fetch user's details like username and email and need to save these information for the user,
i read the below link:
https://developers.facebook.com/docs/instagram-basic-display-api
but this does not fetch the email id of the user,
i also read below link but it also does not provide email of the user:
https://developers.facebook.com/docs/instagram-api
If any body can reply, that will be helpful,
Thanks
That's a privacy issue to be able to fetch user's email and other information I think you would need to create an app that allows sign in or login then get any user that had signed in to your app, details for example if I sign in to your app you would need to get my email address you can do that using a simple database tool then convert that into an API by performing a post request once data has being sent to the database.
We are trying to implement a google home action and it needs access to customer's email.
I can see the documentation on this page mentioned we need to have explicit consent from the user. https://developers.google.com/actions/policies/general-policies
Just wondering what sort of consent do we need to implement in order to get customer's email?
Can I please get a sample consent?
Thanks,
Yihan
You will need to implement Account Linking in some form. If you have an existing service that gets their email address, you need to link the Action to the account they have established on your service already.
If you don't have an existing service, you can take advantage of Google Sign In for Assistant, which is a streamlined way you can get permission to access their Google Profile and, if they have one, their registered email address.
Is there any way to post messages received in an email, directly as a Facebook post?
If yes, how can I do that?
I want to automate a page in Fb to spend less time there
Yes, one way of doing it would be to create a service or scheduled task which periodically does the following:
Use gmail API to get all unread messages
Each message will have an ID and you are able to check whether it has been read
Use the IDs to retrieve the message bodies
Use Facebook API to post the body data to the page
You can use Ballerina to create a stand-alone program or a service that you can invoke when it's needed. Use the facebook connector to get a list of comments and posts from your facebook page, create a payload string and send it to a destination email using the gmail connector. Look at the samples shipped with the distribution to get a head start.
How to get facebook's friend email? Or their email hash?
it is not possible. if you take a closer look at the existing extended permissions , email for friends is not available.
Sadly (and also thankfully!) you are unable to do that.
http://developers.facebook.com/docs/reference/api/ should show you all the things you have access to through the Graph API. You can get their profile information - gender, friends, date of birth and all that, but the email is secured.
On http://developers.facebook.com/docs/authentication/permissions you can see the following:
email not available Provides access to the user's primary email address in the email property. Do not spam users. Your use of email must comply both with Facebook policies and with the CAN-SPAM Act.
So it looks like it may have been once, but at the moment and for the foreseeable future, it's not possible to access it.