问题
I am trying to access EWS managed API (subscribe to push notifications) with oauth as below:
var authenticationTask = await authenticationContext.AcquireTokenAsync("https://outlook.office365.com", new ClientCredential(clientID, clientSecret));
string targetSmtp = "user123@mydomain.onmicrosoft.com";
ExchangeService exchangeService = new ExchangeService(ExchangeVersion.Exchange2013);
exchangeService.Url = someURL;
exchangeService.TraceEnabled = true;
exchangeService.TraceFlags = TraceFlags.All;
exchangeService.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.PrincipalName, "user123@mydomain.onmicrosoft.com");
exchangeService.HttpHeaders.Add("X-AnchorMailbox", targetSmtp);
exchangeService.Credentials = new OAuthCredentials(authenticationTask.AccessToken);
PushSubscription subscription = exchangeService.SubscribeToPushNotifications(
new[] { someFolder },
new Uri(postBackUrl),
15,
null,
EventType.NewMail,
EventType.Created,
EventType.Deleted,
EventType.Modified,
EventType.Moved,
EventType.Copied);
I am able to get the token for my app but while subscribing the user (user123@mydomain.onmicrosoft.com) for push notifications I get "The request failed. The remote server returned an error: (401) Unauthorized." error
Update: tried following the exact same step mentioned here: Azure AD app-only access tokens for exchange impersonation but still getting 401.
Ashish
回答1:
For those struggling with the same issue, we need to get the access token for the registered app by using a certificate (instead of doing it with client secret key). For more details on how to do it please see: https://blogs.msdn.microsoft.com/exchangedev/2015/01/21/building-daemon-or-service-apps-with-office-365-mail-calendar-and-contacts-apis-oauth2-client-credential-flow/
来源:https://stackoverflow.com/questions/45614307/401-unauthorized-while-subscribing-to-push-notifications-with-exchange-service-a