PowerShell test scripts for retrieving messages from O365

May 4, 2023 0 By JeremyBrooks

Basic script to test authentication using an app registration to retrieve the last message in an inbox using Graph API. Note these are targeting the GCC-High (Government) endpoints.

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
$tenantId = "Replace with TenantID"
$clientID = "Replace with ClientId"
$clientSecret = "Replace with Client Secret"
$resource = "https://graph.microsoft.us"
$authority = "https://login.microsoftonline.us/$tenantId/oauth2/token"
$username = "Replace with email address"
$password = "Replace with email address Password"
$body = @{
    "grant_type"="password" #don’t change this value
    "client_id"=$clientId
    "resource"=$resource
    "username"=$username
    "password"=$password
}


$oauth = Invoke-RestMethod -Method Post -Uri $authority -Body $body
$accessToken = $oauth.access_token
$accessToken
$headers = @{
    "Authorization"="Bearer $accessToken"
    "Content-Type"="application/json"
}
$response = Invoke-RestMethod -Method Get -Uri "https://graph.microsoft.us/v1.0/me/messages" -Headers $headers
$response.value[0].From
$response.value[0].ToRecipients
$response.value[0].Subject

Basic script to test authentication using an app registration to retrieve the last message in an inbox using the deprecated office APIs. Note these are targeting the GCC-High (Government) endpoints.

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
$tenantId = "replace with tenantId"
$clientID = "replace with clientId"
$resource = "https://outlook.office365.us"
$authority = "https://login.microsoftonline.us/$tenantId/oauth2/token"
$username = "replace with email address"
$password = "replace with password" 
$body = @{
    "grant_type"="password" #don’t change this value
    "client_id"=$clientId
    "resource"=$resource
    "username"=$username
    "password"=$password
}
 
$oauth = Invoke-RestMethod -Method Post -Uri $authority -Body $body
$accessToken = $oauth.access_token
$accessToken
$headers = @{
    "Authorization"="Bearer $accessToken"
    "Content-Type"="application/json"
}
$response = Invoke-RestMethod -Method Get -Uri https://outlook.office365.us/api/v2.0/me/messages -Headers $headers
$response.value[0].From
$response.value[0].ToRecipients
$response.value[0].Subject 

Testing connections using Application permissions to return the folders in a specific user Mailbox.

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
$tenantId = "xxx"
$clientID = "xxxx"
$clientSecret = "xxx"
$resource = "https://graph.microsoft.us"
$authority = "https://login.microsoftonline.us/$tenantId/oauth2/token"
$username = "xxxx"
$body = @{
    "grant_type"="client_credentials"
    "client_id"=$clientID
    "client_secret"=$clientSecret
    "resource"=$resource
}
 
$oauth = Invoke-RestMethod -Method Post -Uri $authority -Body $body
$accessToken = $oauth.access_token
$accessToken
$headers = @{
    "Authorization"="Bearer $accessToken"
    "Content-Type"="application/json"
}
 
$folders = Invoke-RestMethod -Method Get -Uri "https://graph.microsoft.us/v1.0/users/$username/MailFolders" -Headers $headers
$folders.value