Registering the service principal of an application in Microsoft Exchange - Cloud

To access a mailbox using tPOP in the Microsoft Exchange authentication mode, in addition to configuring a Microsoft Azure application for POP and IMAP, you also need to register the service principal of the application in Microsoft Exchange and assign permissions to access the mailbox to the service principal.

This article describes the way to register the service principal of an application in Microsoft Exchange and assign permissions to access the mailbox to the service principal using cmdlets in Microsoft Windows PowerShell.

For information about configuring a Microsoft Azure application for POP and IMAP, see Configuring a Microsoft Azure application for POP and IMAP.

Procedure

Launch Microsoft Windows PowerShell.
Install the ExchangeOnlineManagement and connect to your tenant by executing the following functions/cmdlets in Microsoft Windows PowerShell.
```
Install-Module -Name ExchangeOnlineManagement -allowprerelease
Import-module ExchangeOnlineManagement 
Connect-ExchangeOnline -Organization {tenantId}
```
See Retrieving application settings for registering the service principal in Microsoft Exchange for information about the way to get tenantId.
Register the service principal of the application in Microsoft Exchange by executing the following cmdlet in Microsoft Windows PowerShell.
```
New-ServicePrincipal -AppId {APPLICATION_ID} -ServiceId {OBJECT_ID}
```
Important: Be sure to take step 3 in Retrieving application settings for registering the service principal in Microsoft Exchange for APPLICATION_ID and OBJECT_ID.
Assign permissions to access your mailbox to the service principal by executing the following cmdlet in Microsoft Windows PowerShell.
```
Add-MailboxPermission -Identity "{YourMailboxAddress}" -User 
{OBJECT_ID} -AccessRights FullAccess
```