How to retrieve office 365 mailbox IDs using Invoke-RestMethod step by step

Question

I'm developing a simple PowerShell script to retrieve office365 user mailbox folder IDs, my code fails at authentication stage displaying error 401 unauthorized. Is there a step that is missing so as to connect to office 365 mailbox using the Invoke-RestMethod cmdlet?

Below is the code

$cred = Get-Credential

Invoke-RestMethod -Uri "https://outlook.office.com/api/v1.0/me/MailFolders/" -Credential $cred | foreach-object{$_.value |select DisplayName,ID}

Error upon running the code.

Personally, I would you the PowerShell [Exchange Online](https://learn.microsoft.com/en-us/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps) module. More specifically, the [Get-MailboxFolder](https://learn.microsoft.com/en-us/powershell/module/exchange/get-mailboxfolder?view=exchange-ps) cmdlet seems to provide what you need. — DocZerø, Mar 20 '22 at 11:42
That API is deprecated for a long time [source](https://learn.microsoft.com/en-us/previous-versions/office/office-365-api/api/version-1.0/use-outlook-rest-api-v1) . You need to use the [outlook mail API](https://learn.microsoft.com/en-us/graph/outlook-mail-concept-overview). To test different things, you can use the [graph explorer](https://developer.microsoft.com/en-us/graph/graph-explorer?request=me%2Fmessages&version=v1.0) but you'll have to read through the doc ultimately to get the authentication working. You can't pass credentials like this anymore for these newer APIS. — Sage Pourpre, Mar 20 '22 at 11:42
@SagePourpre You mean i can't use `invoke-restmethod` cmdlet to access office 365 anymore? — Bernietechy, Mar 20 '22 at 12:00
@Bernietechy No, not quite. `Invoke-RestMethod` is still the way to access pretty much any web API. The deprecated part is the API endpoint you are using. That specific endpoint `https://outlook.office.com/api/v1.0/` and all related methods are deprecated. `https://graph.microsoft.com/v1.0/me/messages` would be the new endpoint, as per the documentation from my previous comment. Also, you won't be able to authenticate to that API with `-Credential $cred`. — Sage Pourpre, Mar 20 '22 at 12:54
@SagePourpre i understand you now, thanks. Have tried to use graph explorer using the link you have shared, the `access token` only worked for the account have logged on with, Have tried to retrieve another mailbox using the same `access token` but refused, with error forbidden. Is there a way i can be able to retrieve each mailbox just with the same `access token`? — Bernietechy, Mar 20 '22 at 13:07
the code looks like this `Invoke-RestMethod -Uri $uri -Headers @{Authorization=("bearer {0}" -f $accessToken)} | foreach-object{$_.value |select DisplayName,ID }` — Bernietechy, Mar 20 '22 at 13:08
the code looks like this: uri `$uri = "https://graph.microsoft.com/v1.0/users/TUser@contoso.onmicrosoft.com/mailFolders/"` , `$accessToken = "long string"` and `Invoke-RestMethod -Uri $uri -Headers @{Authorization=("bearer {0}" -f $accessToken)} | foreach-object{$_.value |select DisplayName,ID }` — Bernietechy, Mar 20 '22 at 13:29
@Bernietechy To do that, you need a few things. 1. Register an app and specify the permissions so it can access user mailboxes and do other needed operations as an app. If you're not an org. admin, you'll need someone with sufficient privileges to give those permissions to your app. From there, you connect either using app clientID / Secret or through a service principal so you can obtain a valid token. Then, you should be able to get emails of other users successfully. — Sage Pourpre, Mar 20 '22 at 13:53

How to retrieve office 365 mailbox IDs using Invoke-RestMethod step by step

0 Answers0