Comments on: Application access policies in Exchange Online https://practical365.com/application-access-policies-in-exchange-online/ Practical Office 365 News, Tips, and Tutorials Wed, 07 Dec 2022 11:06:59 +0000 hourly 1 https://wordpress.org/?v=6.6.1 By: Microsoft Launches RBAC for Applications for Exchange Online https://practical365.com/application-access-policies-in-exchange-online/#comment-247994 Wed, 07 Dec 2022 11:06:59 +0000 https://www.practical365.com/?p=45879#comment-247994 […] Application access policies seemed like a good idea when Microsoft introduced them in 2019. An application access policy is a protocol-agnostic mechanism to allow or deny an app access to a set of mail-enabled objects with security principals (usually defined as mailboxes in a security group). The mechanism is effective but has two significant limits. First, Exchange Online supports 300 application access policies per tenant. Second, access is all or nothing. Once a policy grants an app access to mailboxes, the app can use all available Exchange Web Services (EWS) and Microsoft Graph APIs to interact with mailbox data. […]

]]>
By: How to Report Meeting Statistics for Room Mailboxes https://practical365.com/application-access-policies-in-exchange-online/#comment-247919 Mon, 05 Dec 2022 11:07:14 +0000 https://www.practical365.com/?p=45879#comment-247919 […] Exchange Online application access policies can control apps that access mailbox contents by limiting access to specific mailboxes. In this case, an application access could define that the app can only access the room mailboxes. […]

]]>
By: Moving on from Send-MailMessage: Sending Email from PowerShell using the Graph API https://practical365.com/application-access-policies-in-exchange-online/#comment-247125 Tue, 15 Nov 2022 14:07:39 +0000 https://www.practical365.com/?p=45879#comment-247125 […] solution is to use an application access policy to allow the app to access only certain mailboxes. An application access policy combines three […]

]]>
By: Using Azure Automation to Detect and Report Microsoft 365 Audit Events https://practical365.com/application-access-policies-in-exchange-online/#comment-244972 Mon, 17 Oct 2022 10:08:30 +0000 https://www.practical365.com/?p=45879#comment-244972 […] send email makes it easy for developers, but it can be a security nightmare. And that’s where Application Access Policies come […]

]]>
By: Roopa https://practical365.com/application-access-policies-in-exchange-online/#comment-242963 Wed, 14 Sep 2022 10:40:07 +0000 https://www.practical365.com/?p=45879#comment-242963 Hello Vasil ,
I have an important Question, Our company has been using the Application access policy for a while now ,and i get an error : “The total size of App Access Policies exceeded the limit of: 87040. Size 87062.” Can you provide a resolution for this.

]]>
By: pavan https://practical365.com/application-access-policies-in-exchange-online/#comment-237815 Mon, 21 Feb 2022 13:46:28 +0000 https://www.practical365.com/?p=45879#comment-237815 Can I apply application access policy on a mail enabled security group synced from onprem?

]]>
By: harish tej https://practical365.com/application-access-policies-in-exchange-online/#comment-236956 Thu, 28 Oct 2021 06:37:13 +0000 https://www.practical365.com/?p=45879#comment-236956 In reply to Vasil Michev.

any other way to restrict owner from adding users rather than group managed by IT team?

]]>
By: Vasil Michev https://practical365.com/application-access-policies-in-exchange-online/#comment-236630 Fri, 17 Sep 2021 14:41:51 +0000 https://www.practical365.com/?p=45879#comment-236630 In reply to Maheswari.

Create a group with closed membership, one that is managed by the IT support team and not end users.

]]>
By: Maheswari https://practical365.com/application-access-policies-in-exchange-online/#comment-236604 Thu, 16 Sep 2021 07:19:22 +0000 https://www.practical365.com/?p=45879#comment-236604 If we scope the Application access Policy to specific mail enabled group and grant access only to the member of the group there are chances for any user id can be added to the group and leverge full access to the mailbox. What level of Security controls can be added to prevent this.

]]>
By: Reevanshi https://practical365.com/application-access-policies-in-exchange-online/#comment-235363 Tue, 15 Jun 2021 11:43:26 +0000 https://www.practical365.com/?p=45879#comment-235363 We are using Exchange online api with Application permission full acess .

Our objective is to restrict api permission to specific set users only .

Do you think there can be any way for that ?

]]>