Forum Discussion
Configuring the Secure App Model for PowerShell / API / Graph scripting with GDAP for Partners
Hi whomever may find this! With the old MS Partner Community Forums going read-only as of March 8th, 2023 I thought I'd post a few useful links here in case someone is searching and unable to pos...
Excellent post!
For Exchange you can also talk directly to Exchange REST. An important pitfall there is the existence of the "anchor mailbox" concept. Usually that's either the environments system mailbox (for example to enable Unified Audit logs) or the mailbox of whatever resource you're trying to make a change to.
The system anchor mailbox in any given tenant is almost identical, the only difference is the TLD. The TLD for the mailbox will always be the initial onmicrosoft domain.
"UPN:SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}@$($OnMicrosoft)"Thanks rvdwegen92 ,
Yes I'm aware that you can directly connect to ExO using REST - that's how the new ExO V3 module does it (if you install it and look at the code you'll see some of how it works). And also how Kelvin's CIPP back-end API connects to Exch Online.
However I imagine if someone is doing that they A) already know how to connect and B) have specific purposes: generally trying to create some kind of larger automated system, using APIs entirely and not relying on PowerShell at all. (CIPP uses PowerShell, but it could just as easily be written in Node/JS for example if it uses only REST APIs)
I think for the average scripter trying to automate some aspects of AAD, Azure, ExO, etc using the Secure App Model they are probably looking at using existing PowerShell modules due to likely familiarity with them plus re-using existing code. I do for any of my ExO scripts, just simpler.
For anyone writing a full app using APIs - I'd definitely recommend using the ExO REST APIs! 🙂
--Saul
