Skip to main content Skip to complementary content

Registering the service principal of an application in Microsoft Exchange

To access a mailbox using tPOP in the Microsoft Exchange authentication mode, in addition to configuring a Microsoft Azure application for POP and IMAP, you also need to register the service principal of the application in Microsoft Exchange and assign permissions to access the mailbox to the service principal.

This article describes the way to register the service principal of an application in Microsoft Exchange and assign permissions to access the mailbox to the service principal using cmdlets in Microsoft Windows PowerShell.

For information about configuring a Microsoft Azure application for POP and IMAP, see Configuring a Microsoft Azure application for POP and IMAP.

Procedure

  1. Launch Microsoft Windows PowerShell.
  2. Install the ExchangeOnlineManagement and connect to your tenant by executing the following functions/cmdlets in Microsoft Windows PowerShell. 
    Install-Module -Name ExchangeOnlineManagement -allowprerelease
Import-module ExchangeOnlineManagement 
Connect-ExchangeOnline -Organization {tenantId}

    See Retrieving application settings for registering the service principal in Microsoft Exchange for information about the way to get tenantId.

  3. Register the service principal of the application in Microsoft Exchange by executing the following cmdlet in Microsoft Windows PowerShell. 
    New-ServicePrincipal -AppId {APPLICATION_ID} -ServiceId {OBJECT_ID}

    See Retrieving application settings for registering the service principal in Microsoft Exchange for information about the way to get APPLICATION_ID and OBJECT_ID.

  4. Assign permissions to access your mailbox to the service principal by executing the following cmdlet in Microsoft Windows PowerShell. 
    Add-MailboxPermission -Identity "{YourMailboxAddress}" -User 
{OBJECT_ID} -AccessRights FullAccess

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Leave your feedback here