https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585362#M3302 <P>Yes. It depends on the usecase that we need to enable these permissions.</P> <P>&nbsp;</P> <P>If its only for searching and deleting emails and sending emails, we wouldnt need access to Mailbox settings right?<BR /><BR />Im looking to explore the best practices for the integration overall as this gives high privileges.</P> Tue, 30 Apr 2024 15:39:44 GMT Moh.Yasser 2024-04-30T15:39:44Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585258#M3298 <P>Hey all,</P> <P>&nbsp;</P> <P>I was exploring O365 graph API and wondering what are some of the best practices for this integration.</P> <P>&nbsp;</P> <P>One thing we came up was to IP restriction (Palo alto IP) in Microsoft side.</P> <P>&nbsp;</P> <P>Are there any other condition access policies that can be added to make sure we follow best practices, other than securing the Palo alto tenant and Microsoft tenant as a whole?&nbsp;</P> Mon, 29 Apr 2024 21:19:04 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585258#M3298 Moh.Yasser 2024-04-29T21:19:04Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585262#M3299 <P>Hey,<BR />You need to make sure below required permissions are enabled to run the&nbsp;<EM>O365 Outlook Mail (Using Graph API)</EM> integration commands successfully;</P> <UL> <LI>Mail.ReadWrite - Application</LI> <LI>Mail.Send - Application</LI> <LI>MailboxSettings.ReadWrite - Application</LI> </UL> <P><BR /><BR /></P> Tue, 30 Apr 2024 00:43:42 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585262#M3299 SPatil15 2024-04-30T00:43:42Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585362#M3302 <P>Yes. It depends on the usecase that we need to enable these permissions.</P> <P>&nbsp;</P> <P>If its only for searching and deleting emails and sending emails, we wouldnt need access to Mailbox settings right?<BR /><BR />Im looking to explore the best practices for the integration overall as this gives high privileges.</P> Tue, 30 Apr 2024 15:39:44 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585362#M3302 Moh.Yasser 2024-04-30T15:39:44Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585508#M3303 <P>You can start with minimal permissions and see if the use case you trying works. As per our documentation, the above three permissions are required for all the commands to run. Also as stated in this&nbsp;<A href="https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication#cortex-xsoar-application" target="_self">doc</A>&nbsp;use the client credentials flow instead of device code flow as a best practice.</P> Wed, 01 May 2024 10:02:08 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/o365-mail-graph-api-integration-best-practices/m-p/585508#M3303 SPatil15 2024-05-01T10:02:08Z