Posted: 26 Oct 2020 7:54 EDT Last activity: 17 Nov 2020 10:50 EST
What permissions are needed for Email Listener to use Graph API for email processing
In Pega 8.4 we have a new feature where we can specify "Graph API" as the method to download emails, instead of IMAP or POP3. But for this to work, on the Microsoft Cloud side of things, an "application" needs to be registered, and permissions provided for said application. In our scenario, Pega is the application, and the calls to Graph API that Pega will make will require some permissions.
My question is: What is the minimal list of permissions which has to be granted to "Pega" on the cloud side, so that Email Listener will have no permission-related issues?
So I need a list of permissions (like Mail.Read, Mail.ReadBasic etc.) which need to be granted to Pega, to avoid any
We are also facing the same issue. We have a few email accounts configured that connect to the mailbox within our organization for processing our cases that come via email.
My organization is migrating from IMAP authentication to OAUTH2.0 with Microsoft Graph via Microsoft O365 provider.
And Pega allows client credentials and password credentials only if you select Microsoft Graph as the receiver in the OAUTH 2.0 profile. And clearly we cannot use password credentials, as we want to move away from that approach. Hence, the only option left is client credentials, which uses the access token methodology.
When we do this, the scope parameter is required, which Pega says is optional.
After we fixed that, we got the access token successfully.
However, the test connectivity is still failing due to a permissions issue in the Azure configuration. See below, "NoPermissionsInAccessToken","message":"The token contains no permissions, or permissions cannot be understood.
At this point, we are kind of stuck and trying to see if anyone else has experienced this situation and, if so, how it was resolved. Any input is much appreciated.
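Added example, not part of the posts above and not Pega's code: a way to check what a client-credentials access token actually carries when Graph answers "NoPermissionsInAccessToken". In an app-only token, application permissions that have been granted and admin-consented appear in the `roles` claim, while delegated permissions appear in `scp`. The sample tokens and the `Mail.Read` value are constructed for illustration and are not a statement of which permissions Email Listener needs.

```python
import base64
import json


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the JWT payload as a dict. No signature check: diagnosis only."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    return json.loads(_b64url_decode(parts[1]))


def permission_report(token: str) -> dict:
    """Classify the token by the permission claims it carries."""
    claims = decode_claims(token)
    roles = claims.get("roles") or []            # application permissions
    scopes = (claims.get("scp") or "").split()   # delegated permissions
    if roles:
        kind = "application"
    elif scopes:
        kind = "delegated"
    else:
        kind = "none"  # the state Graph reports as NoPermissionsInAccessToken
    return {"aud": claims.get("aud"), "kind": kind,
            "roles": sorted(roles), "scopes": scopes}


def make_sample(payload: dict) -> str:
    # Constructed, unsigned sample token so the example runs offline.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(payload)}.sig"


SAMPLE_EMPTY = make_sample({"aud": "https://graph.microsoft.com"})
SAMPLE_GRANTED = make_sample({"aud": "https://graph.microsoft.com",
                              "roles": ["Mail.Read"]})

if __name__ == "__main__":
    for name, tok in (("empty", SAMPLE_EMPTY), ("granted", SAMPLE_GRANTED)):
        print(name, permission_report(tok))
```

An access token is a bearer credential, so decode it locally like this rather than pasting it into an online decoder.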