Crow Canyon Software Support Crow Canyon Software Support

  • Support Homepage
  • Community Forum
  • Submit a Support Ticket
  • CrowCanyon.com Website
  • Version Release Notes
Home / NITRO Studio- Workflows / How to use Graph API for sending mails from NITRO Workflow Manager and Advanced Approval apps

How to use Graph API for sending mails from NITRO Workflow Manager and Advanced Approval apps

2870 views 1 min , 54 sec read 12

Applies to: SharePoint Online NITRO Workflows and Advanced Approvals

Introduction

NITRO Workflows and Advanced Approval apps by default uses SendGrid service for outgoing emails. This can sometimes cause mail delivery issues as SendGrid server IPs may not be trusted by receiving server. Also, mails originating outside of receiving server but with sender address of internal domain has chances of being considered a spam mail.

To avoid these issues, these apps now have the following options to send mails.

  1. Mailbox Settings: Refer instructions in this article for overall mail flow and mailbox configurations
  2. Microsoft Graph API: Described in current article

In case mail delivery by Mailbox / Graph API fails for any reason then SendGrid is used as backup. This can be configured at the site level in Workflow Manager. All workflows configured in the site will use the same settings for outgoing mails.

Steps to grant permissions only to required mailboxes

Performing these steps will ensure that Crow Canyon Email API will never have access to all mailboxes in your tenancy. API permission restrictions to specific mailboxes is done before granting permissions to the API.

API permissions can be scoped to specific mailboxes as per instructions in this Microsoft article. AppId to be used for this is “1c4f8870-3aab-4882-a733-f05081a17655”. Please find the detailed steps from below.

  • Create a mail enabled group in your O365 admin center . Note that this steps requires administrator privileges on your O365 subscription. E.g. “CrowCanyonEmailAPIAccess”
  • Add the required mailboxes (one or more) to this group
  • Connect to Exchange Online PowerShell. For details, see Connect to Exchange Online PowerShell
  • Run below command, note that changes to application access policies can take up to 30 minutes. Replace CrowCanyonEmailAPIAccess@yourdomain.com below with the email Id of the group created above:
    • New-ApplicationAccessPolicy -AppId 1c4f8870-3aab-4882-a733-f05081a17655 -PolicyScopeGroupId CrowCanyonEmailAPIAccess@yourdomain.com -AccessRight RestrictAccess -Description "Restrict Crow Canyon Email API app access to members of distribution group CrowCanyonEmailAPIAccess."
  • Verify that mailbox accounts added to the group can be accessed by Graph API. Replace <mailbox email> below with email Id of the mailbox:
    • Test-ApplicationAccessPolicy -Identity <mailbox email> -AppId 1c4f8870-3aab-4882-a733-f05081a17655
  • Verify that any other mailbox account that is not in “CrowCanyonEmailAPIAccess” group cannot be accessed by Graph API.  Replace <mailbox email> below with email of mailbox that is not in the group:
    • Test-ApplicationAccessPolicy -Identity <mailbox email> -AppId 1c4f8870-3aab-4882-a733-f05081a17655

Steps

1.Navigate to site settings –> site administration –> Crow Canyon NITRO Apps –> NITRO Workflows app/Advanced Approval app

2. Click gear icon next to the “New Workflow” button to bring up the site settings popup

3. Go to “Microsoft Graph API” tab and enable “Use Graph API” setting as shown below:

4. Click “Grant Permissions” in “Graph API Settings” section to allow API access to mailboxes.

5. “Grant Permissions” link will open a pop-up. Please use an account with administrator privileges for your Office 365 subscription to grant the required permissions. Click “Accept” button to grant permissions.

Note that the grant permissions dialog may still say that grant permissions to all mailboxes, but API is already restricted to only the mail enabled security group configured above.

6. Enter the email address and click “Test Mail” button. This will send a test mail using the configured email address. Next, click “Save” button to save the configurations.

 

NITRO Studio- Workflows

About supportTeam

View all posts by supportTeam →

Related Articles

  • NITRO Studio Workshop: Using NITRO Workflows with Teams
  • NITRO Studio Workshop: Introducing the New Looping Feature for Custom Actions and Workflows
  • NITRO Studio Workshop: Building Workflows with the NITRO Workflow Designer Interface
  • NITRO Studio Workshop: Using Query List Actions in NITRO Workflows
© 2021 Crow Canyon Systems, Inc. All Rights Reserved
  • Terms of Service
  • Privacy Policy
  • www.crowcanyon.com