I have an Azure integrated service application (daemon app) with permissions to the Microsoft graph api, I can now read all the mailboxes for the entire company, which is awesome but might raise some concerns with the business management. We use Outlook in Office 365.Is there a way to specify mailboxes that the app can have access to instead of having access to all mailboxes/users.
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
The daemon app which use the client credential to acquire the access token.
The client credential flow is used to as an authorization grant typically when the client is acting on its own behalf. And it is not able to specify mailboxes that the app can have access.
You can achieve this by implement the business logic in the daemon app.