Closed shriv closed 3 years ago
Hi, thanks for using the package. I haven't looked at shared inboxes before this, but from what I can tell there's a couple of things needed:
library(Microsoft365R)
gr <- AzureGraph::create_graph_login(app="yourappid") # 'yourappid' is the ID of the app registration you created
shared_inbox <- gr$get_user("inboxid")$get_outlook()
Assuming this works, on subsequent calls you can replace create_graph_login
with get_graph_login
.
Thanks for such a quick reply! :-)
Just to confirm, I will create an app with all the permissions you have noted here and just replace Mail.ReadWrite
with Mail.ReadWrite.Shared
?
Is there a way I can use Microsoft365R
to send this request? I ask because our org permissions are very locked down and we cannot even access the AAD portal.
No, you'll have to get your admin to do this. (It's possible that you could use the underlying AzureGraph package to create the app, but if your org is locked down you probably don't have the rights to create apps.)
Okay, that makes sense! Thanks :-)
Also, if shared inbox access is a much-requested feature I can change the default permissions on the Microsoft365R app. I'm leery of doing this right now though, as it would require people to re-authorise the app to access their data.
I, for one, would appreciate it but it would be annoying for others! I'll see how I get on with requesting an app in our org tenant..
Please leave this open as others may also want the same feature.
Just throwing in that I would also benefit from this feature.
@iankloo You can actually do this right now. You'll have to get your admin to consent to the necessary permissions first, but then you can run something like this:
gr <- AzureGraph::create_graph_login("yourtenant",
app=Microsoft365R:::.microsoft365r_app_id,
scopes=c("Mail.ReadWrite.Shared", "Mail.Send", "Group.ReadWrite.All") # use shared mail scope
)
user <- gr$get_user("shared-inbox-id")
user_mbox <- user$get_outlook()
It's just a question of whether and how much this should be automated in Microsoft365R. The Mail.ReadWrite.Shared scope is not part of the default permissions, but you can request it explicitly with the code above (and you'll need to get your admin to approve it separately).
Shared mailbox support has been added to get_business_outlook
. To retrieve a shared mailbox, supply one of the arguments shared_mbox_id
, shared_mbox_name
or shared_mbox_email
. If you leave all of these out, you will get your own mailbox (the current behaviour).
Note that shared access requires extra permissions, namely Mail.Send.Shared and Mail.Readwrite.Shared. You'll get a message asking your admin to approve this.
I'm unable to test this as I don't have access to a suitable tenant/mailbox right now, so can those who requested this feature please try it out and tell me if there are any problems. Thanks!
@isaac-florence @iankloo @shriv
Now in 2.3.0
Hi @hongooi73, please accept my apologies for not thanking you here sooner. Our security team have only just reapproved the app and I can confirm this works just as expected for us. Thank you very much for implementing this change, it's hugely appreciated.
Hiya, I'm a very new user of this package. My particular use case is developing an ETL pipeline which begins with extracting automated data feeds from a Shared Inbox. I've got access to my Outlook mail but I am unable to see the Shared Inbox. I suspect this is because the
Microsoft365R
package only requestsMail.ReadWrite
permissions rather thanMail.ReadWrite.Shared
as per here? Do I need to ask the admin to include this permission separately or would there be an update to this package that will allow Shared Inbox access?Thanks!