Patch My PC Ideas & Feedback
A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize requests, please see:
A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize requests, please see:
Create an additional mail option to allow Publisher to send email using the Exchange Online SDK instead of Microsoft Graph.
Today, OAuth2 support in Publisher uses Microsoft Graph with application permissions Mail.SendAs. As a result, customers are forced to grant wider access than desired because this API permission is very broad and cannot be restricted to a specific mailbox governed by EOL policy
Using the Exchange Online SDK would allow customers to leverage Exchange RBAC to scope send permissions to specific mailboxes. This provides a more granular and modern control model, where administrators can assign the service principal permission to send only from designated mailboxes using RBAC role assignments. It also does not require the Mail.SendAs permission on the app registration
