3

I would like to send an email on behalf of a user using Postman (Office 365). I have the email id and password of that account. After doing some research, I have found that I need to login, using a browser, to get the authorization code and then I can perform the next steps from Postman (getting the access token and using the Microsoft Graph Explorer) to send the email.

I would like to get the authorization code using Postman (not browser). I tried and got the following error (which is what should come the way I have requested the API)-

Postman authorization_request

In short, I want to send email from Graph API using a REST client like Postman (right from authorization to sending email). Is this possible?

(I have already read these documents but did not help me get there- https://developer.microsoft.com/en-us/graph/docs/concepts/rest

Accessing Microsoft Graph API without using login page

Automatically Log-In To Office 365 )

Protik
  • 53
  • 1
  • 9

1 Answers1

6

Yes, it is very possible, in fact, you can use all of the Microsoft Graph API from Postman or any other program which can make HTTP requests.

All you need to do is to get access token to use in your requests to the Graph API, and there at least 4 ways which allow you to do so without user interaction. But the process requires some preparation since you need to create an OAuth App in order to be able to use the Graph API.

Since I had to do the same myself and it wasn't easy to collect all the bits of information necessary, I've written a full guide on this subject including Postman examples:

Getting Access Token for Microsoft Graph Using OAuth REST API

In large you need to do the following steps:

  • Register OAuth App
  • Configuring App Permission
  • Use one of the following flows, depending on the information you have:
    • Flow 1: Get Access Token from Client Credentials (Client credentials Grant)
    • Flow 2 – Get Access Token From Client & User Credentials (Resource Owner Credentials Grant)
    • Flow 3 – Get Access Token From Refresh Token (Refresh Token Grant)
    • Flow 4 – Get Access Token From Another Access Token (On-Behalf-Of Grant)
  • Use the access token in requests to Microsoft Graph API

All of those steps are explained in the article.

Eran Hertz
  • 441
  • 4
  • 4
  • Hi Eran, thanks for the awesome guide. With this, I am now able to send emails through the Graph API. Just wanted another bit of information from you- is there any other way to send an email (or use of graph API) without using the AAD ID, maybe somehow using API endpoints with parameters of user email-password to identify individual user? – Protik Apr 15 '18 at 04:42
  • 1
    Sure, you can use Flow 2 (Resource Owner Credentials Grant) with the **common** endpoint `https://login.microsoftonline.com/common/oauth2/token`. There is an example of this endpoint in my article in Flow 3 (but it can also work for Flow 2). Just make sure you use the full username (including the tenant mail). – Eran Hertz Apr 15 '18 at 06:12