Re: [Davmail-users] Azure AD Graph shutdown next year?
Brought to you by:
mguessan
Menu
▾
▴
Re: [Davmail-users] Azure AD Graph shutdown next year?
|
From: Dan G. <da...@gr...> - 2023-02-16 07:50:40
|
Mickaël Guessant writes:
|
| Hello all,
| As usual namings are misleading DavMail does not rely on Azure AD Graph and does not use Azure graph
| either.
|
| However we used to be able to register applications with;
| EWS.AccessAsUser.All (access to EWS API calls)
| User.Read (assigned by default)
|
| It seems Microsoft blocked new application registration since september 2022 so it's no longer
| possible to register a new application to access EWS inside Azure AD.
|
| Alternatives:
|
| - use the old DavMail clientid and allow it on tenant
| - use a Microsoft application clientId that still has access to EWS, e.g. Outlook desktop
|
Hi Mickaël,
I checked with a coworker with access to the tenant configuration at work --
here's what he said:
"The permission being deprecated for all Microsoft customers is
User.Read, which is provided by Azure AD Graph, so if Davmail needs
that still, it needs to move to the new implementation which is
provided by Microsoft Graph APIs. Davmail been using Azure AD Graph
all this time whether the author is aware of it or not. I double
checked and yes, davmail in our tenant is currently configured to
use User.Read"
It sounds like still a problem here...
Attached is a screenshot that shows User.Read permission rolls up
into Azure Active Directory Graph api.
--Dan
|
