For those of you that want send email using an Azure App connection, rather than an individual user account, please know that the built-in Outlook app will not work for that purpose.
- When You Use User Credentials (Delegated Permissions)
-
You authenticate as a user (via OAuth authorization code, device code, etc.).
-
The access token contains the user’s identity (UPN).
-
In this case, you can use the endpoint:
POST https://graph.microsoft.com/v1.0/me/sendMail
-
Why it works:
meis a shortcut for “the currently logged-in user,” and since the token represents that user, Graph knows whomeis.
2. When You Use App Credentials (Application Permissions)
-
You authenticate as an app (via client credentials flow).
-
The access token has no user identity — it only represents the application.
-
Since there is no “current user” in the token, Graph cannot resolve
/me. -
That’s why
/me/sendMailfails when using app credentials.
Instead, you must specify the mailbox explicitly:
POST https://graph.microsoft.com/v1.0/users/{user-id | userPrincipalName}/sendMail
Example:
POST https://graph.microsoft.com/v1.0/users/mailaccount@abcinc.com/sendMail
-
This tells Graph exactly which mailbox to send from.
-
The app must have Mail.Send application permission granted and admin consent applied.
-
Optionally, the target mailbox must allow the app to send as that user (depending on your security model).
To be transparent, I don’t know if this effects the other apps, but I’m going to look, as I suspect that this might have been used in the build of all of the Microsoft Apps. This really should be changed so that the app will work across both.