In this repository, I will share a Flask application that authorizes users having either personal Microsoft accounts (Skype, Xbox, Live, and Hotmail) or Microsoft business accounts. The demo application also presents an email composer form to send emails on behalf of the authorized users.
- Log-in users with Microsoft OAuth2
- Retrieve users' information with Microsoft Azure Active Directory
- Send mail on behalf of the users
- A Microsoft 365 account with an active subscription such as Home or Business plan
- If you are trying this tutorial within an organization that subscribes to Microsoft 365 Business plan, you also need to have an Administrator account to grant permissions on the created application
- You should have a background in Python programming language to understand the sample Flask project.
I have an article to present the procedure to authorize a client program that sends emails on behalf of users that have either a personal Microsoft account or a business one. The procedure consists of four main steps, i.e., (1) create an application on Microsoft Azure, (2) issue credentials, (3) add API permissions to the application, and (4) run the demo program.
Read the article at https://www.duonghuuphuc.com/sites/dev/msgraph-sendmail-python-en.html
You can jump right into the demo by performing the following steps:
- Register an application on Microsoft Azure
- Create application credentials on Microsoft Azure
- Grant API permissions:
Mail.Send,User.Read,User.ReadBasic.All - Clone the demo project from this repository
- Configure
CLIENT_IDandCLIENT_SECRETin the env.sh file - [Optional] Create a new Python environment to avoid any errors in your current working environment
- Install required packages by executing this command in an activated Python environment:
pip install -r requirements.txt - Run the project by executing this command:
source env.sh
Note: step #7 is performed only one time.
- If you run this sample project on a web server on a home network without a static IP address and/or without an assigned domain name, you may need to use a DDNS provider, and then forward the corresponding network ports to your web server.
- Tutorial: Microsoft Graph — Send Mail API
- Tutorial: Microsoft Graph — Single Sign-on
- Microsoft Azure - Authentication vs. authorization
- Microsoft Authentication Library (MSAL) for Python
- Azure Active Directory B2C
- Phuc H. Duong / www.duonghuuphuc.com /
dhpit [at] m.dhpit.com