<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Microsoft Exchange Online and POP3 Access in Digital Exchange</title>
    <link>https://community.blueprism.com/t5/Digital-Exchange/Microsoft-Exchange-Online-and-POP3-Access/m-p/125757#M4696</link>
    <description>&lt;P&gt;Hi Folks,&lt;/P&gt;&lt;P&gt;I thought I'd post an update for anyone who makes use of the POP3/SMTP/IMAP VBO along with Exchange Online.&lt;/P&gt;&lt;P&gt;As you may or may not know, Microsoft has been working to remove support of older APIs and protocols from their products/platforms for some time now. Some examples include removal of the COM API from the latest Outlook client and removal of POP3 support for Delegated Access tokens from Exchange Online.&lt;/P&gt;&lt;P&gt;This last one can create an issue if you have digital workers currently leveraging the POP3/SMTP/IMAP VBO to interact with specific user mailboxes via Delegated Access. You can address this in one of two ways:&lt;/P&gt;&lt;OL&gt;&lt;LI&gt;Switch to an &lt;STRONG&gt;Application Access&lt;/STRONG&gt; token (the equivalent of a service account)&lt;/LI&gt;&lt;LI&gt;Switch to using the Graph API and our &lt;STRONG&gt;Microsoft 365 - Outlook&lt;/STRONG&gt; connector (Note: The Outlook client is not actually required to use this connector).&lt;/LI&gt;&lt;/OL&gt;&lt;P&gt;For option #1, there are some specific steps you have to undertake to setup Exchange to permit this access. I've outlined them below:&lt;/P&gt;&lt;DIV&gt;&amp;nbsp;&lt;/DIV&gt;&lt;DIV&gt;&lt;STRONG&gt;&lt;U&gt;Register Your Application w/ Exchange Online&lt;/U&gt;&lt;/STRONG&gt;&lt;/DIV&gt;&lt;OL&gt;&lt;LI&gt;You first need to obtain the &lt;EM&gt;&lt;STRONG&gt;application ID&lt;/STRONG&gt;&lt;/EM&gt; and &lt;EM&gt;&lt;STRONG&gt;object ID&lt;/STRONG&gt;&lt;/EM&gt; of the application registration in Entra. Go to your Azure Portal and then&lt;SPAN&gt;&amp;nbsp;&lt;/SPAN&gt;&lt;STRONG&gt;&lt;EM&gt;App registrations&lt;/EM&gt;&lt;/STRONG&gt;.&lt;BR /&gt;&lt;DIV class=""&gt;&amp;nbsp;&lt;/DIV&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="ewilson_2-1782225104899.png" style="width: 400px;"&gt;&lt;img src="https://community.blueprism.com/t5/image/serverpage/image-id/42247i3D1A1F85E9B04A42/image-size/medium/is-moderation-mode/true?v=v2&amp;amp;px=400" role="button" title="ewilson_2-1782225104899.png" alt="ewilson_2-1782225104899.png" /&gt;&lt;/span&gt;&lt;/LI&gt;&lt;LI&gt;Find your specific application definition and click on it. That should bring you to the overview screen where you'll find the&lt;SPAN&gt;&amp;nbsp;&lt;/SPAN&gt;&lt;STRONG&gt;&lt;EM&gt;Object ID&amp;nbsp;&lt;/EM&gt;&lt;/STRONG&gt;and&lt;EM&gt;&amp;nbsp;&lt;STRONG&gt;Application (client) ID&lt;/STRONG&gt;&lt;/EM&gt;​​.&lt;BR /&gt;&lt;DIV class=""&gt;&amp;nbsp;&lt;/DIV&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="ewilson_3-1782225142916.png" style="width: 400px;"&gt;&lt;img src="https://community.blueprism.com/t5/image/serverpage/image-id/42248i7FD09C31F790FCAF/image-size/medium/is-moderation-mode/true?v=v2&amp;amp;px=400" role="button" title="ewilson_3-1782225142916.png" alt="ewilson_3-1782225142916.png" /&gt;&lt;/span&gt;&lt;/LI&gt;&lt;LI&gt;Copy those two IDs and then open a Powershell terminal and connect to your Exchange Online instance. To connect to Exchange Online from a Powershell terminal, reference the attached Microsoft link:&lt;BR /&gt;&lt;A href="https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps" target="_blank" rel="noopener noreferrer"&gt;Connect to Exchange Online PowerShell | Microsoft Learn&lt;/A&gt;&amp;nbsp;&lt;BR /&gt;&lt;BR /&gt;&lt;/LI&gt;&lt;LI&gt;Once you're Powershell terminal is connected to Exchange Online, run the following command to register your application:&lt;BR /&gt;&lt;BR /&gt;&lt;STRONG&gt;New-ServicePrincipal -AppId &amp;lt;YOUR APP ID&amp;gt; -ObjectId &amp;lt;YOUR OBJECT ID&amp;gt; -DisplayName "NAME OF YOUR APP"&lt;/STRONG&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;/LI&gt;&lt;LI&gt;&lt;STRONG&gt;​&lt;/STRONG&gt;&lt;SPAN&gt;&lt;SPAN&gt;You can then verify the registration took place by executing this command:&lt;BR /&gt;&lt;BR /&gt;&lt;STRONG&gt;Get-ServicePrincipal | fl DisplayName,AppId,ServiceId​&lt;BR /&gt;&lt;/STRONG&gt;&lt;BR /&gt;&lt;/SPAN&gt;&lt;/SPAN&gt;&lt;/LI&gt;&lt;LI&gt;Now, you must grant the service principal access to the specific mailbox. You do that with the following command:&lt;BR /&gt;&lt;BR /&gt;&lt;STRONG&gt;Add-MailboxPermission -Identity &amp;lt;SPECIFIC MAILBOX ADDRESS&amp;gt; -User &amp;lt;APP OBJECT ID&amp;gt; -AccessRights FullAccess​&lt;/STRONG&gt;&lt;/LI&gt;&lt;/OL&gt;&lt;DIV&gt;At this point, you should be able to request an Application Access token, via the&lt;SPAN&gt;&amp;nbsp;&lt;A href="https://digitalexchange.blueprism.com/cardDetails?id=126392" target="_blank" rel="noopener"&gt;MSAL.NET&lt;/A&gt;&amp;nbsp;&lt;/SPAN&gt;VBO, and pass that into the POP3/SMTP/IMAP VBO, along with the mailbox address, and be able to connect to and retrieve email from said mailbox.&lt;/DIV&gt;&lt;DIV&gt;&amp;nbsp;&lt;/DIV&gt;&lt;DIV&gt;&lt;STRONG&gt;NOTE:&lt;/STRONG&gt; These directions do not include the steps necessary to create your initial application registration in Entra. For that, refer to the user guide included with the MSAL VBO.&lt;/DIV&gt;&lt;DIV&gt;&amp;nbsp;&lt;/DIV&gt;&lt;DIV&gt;If you don't want to mess with the Powershell and Exchange registration steps outlined above, the better option is to switch the using the Graph API. It is Microsoft's go-to API for most things these days.&lt;/DIV&gt;&lt;DIV&gt;&amp;nbsp;&lt;/DIV&gt;&lt;DIV&gt;Cheers,&lt;/DIV&gt;&lt;DIV&gt;Eric&lt;/DIV&gt;</description>
    <pubDate>Tue, 23 Jun 2026 14:45:44 GMT</pubDate>
    <dc:creator>ewilson</dc:creator>
    <dc:date>2026-06-23T14:45:44Z</dc:date>
    <item>
      <title>Microsoft Exchange Online and POP3 Access</title>
      <link>https://community.blueprism.com/t5/Digital-Exchange/Microsoft-Exchange-Online-and-POP3-Access/m-p/125757#M4696</link>
      <description>&lt;P&gt;Hi Folks,&lt;/P&gt;&lt;P&gt;I thought I'd post an update for anyone who makes use of the POP3/SMTP/IMAP VBO along with Exchange Online.&lt;/P&gt;&lt;P&gt;As you may or may not know, Microsoft has been working to remove support of older APIs and protocols from their products/platforms for some time now. Some examples include removal of the COM API from the latest Outlook client and removal of POP3 support for Delegated Access tokens from Exchange Online.&lt;/P&gt;&lt;P&gt;This last one can create an issue if you have digital workers currently leveraging the POP3/SMTP/IMAP VBO to interact with specific user mailboxes via Delegated Access. You can address this in one of two ways:&lt;/P&gt;&lt;OL&gt;&lt;LI&gt;Switch to an &lt;STRONG&gt;Application Access&lt;/STRONG&gt; token (the equivalent of a service account)&lt;/LI&gt;&lt;LI&gt;Switch to using the Graph API and our &lt;STRONG&gt;Microsoft 365 - Outlook&lt;/STRONG&gt; connector (Note: The Outlook client is not actually required to use this connector).&lt;/LI&gt;&lt;/OL&gt;&lt;P&gt;For option #1, there are some specific steps you have to undertake to setup Exchange to permit this access. I've outlined them below:&lt;/P&gt;&lt;DIV&gt;&amp;nbsp;&lt;/DIV&gt;&lt;DIV&gt;&lt;STRONG&gt;&lt;U&gt;Register Your Application w/ Exchange Online&lt;/U&gt;&lt;/STRONG&gt;&lt;/DIV&gt;&lt;OL&gt;&lt;LI&gt;You first need to obtain the &lt;EM&gt;&lt;STRONG&gt;application ID&lt;/STRONG&gt;&lt;/EM&gt; and &lt;EM&gt;&lt;STRONG&gt;object ID&lt;/STRONG&gt;&lt;/EM&gt; of the application registration in Entra. Go to your Azure Portal and then&lt;SPAN&gt;&amp;nbsp;&lt;/SPAN&gt;&lt;STRONG&gt;&lt;EM&gt;App registrations&lt;/EM&gt;&lt;/STRONG&gt;.&lt;BR /&gt;&lt;DIV class=""&gt;&amp;nbsp;&lt;/DIV&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="ewilson_2-1782225104899.png" style="width: 400px;"&gt;&lt;img src="https://community.blueprism.com/t5/image/serverpage/image-id/42247i3D1A1F85E9B04A42/image-size/medium/is-moderation-mode/true?v=v2&amp;amp;px=400" role="button" title="ewilson_2-1782225104899.png" alt="ewilson_2-1782225104899.png" /&gt;&lt;/span&gt;&lt;/LI&gt;&lt;LI&gt;Find your specific application definition and click on it. That should bring you to the overview screen where you'll find the&lt;SPAN&gt;&amp;nbsp;&lt;/SPAN&gt;&lt;STRONG&gt;&lt;EM&gt;Object ID&amp;nbsp;&lt;/EM&gt;&lt;/STRONG&gt;and&lt;EM&gt;&amp;nbsp;&lt;STRONG&gt;Application (client) ID&lt;/STRONG&gt;&lt;/EM&gt;​​.&lt;BR /&gt;&lt;DIV class=""&gt;&amp;nbsp;&lt;/DIV&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="ewilson_3-1782225142916.png" style="width: 400px;"&gt;&lt;img src="https://community.blueprism.com/t5/image/serverpage/image-id/42248i7FD09C31F790FCAF/image-size/medium/is-moderation-mode/true?v=v2&amp;amp;px=400" role="button" title="ewilson_3-1782225142916.png" alt="ewilson_3-1782225142916.png" /&gt;&lt;/span&gt;&lt;/LI&gt;&lt;LI&gt;Copy those two IDs and then open a Powershell terminal and connect to your Exchange Online instance. To connect to Exchange Online from a Powershell terminal, reference the attached Microsoft link:&lt;BR /&gt;&lt;A href="https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps" target="_blank" rel="noopener noreferrer"&gt;Connect to Exchange Online PowerShell | Microsoft Learn&lt;/A&gt;&amp;nbsp;&lt;BR /&gt;&lt;BR /&gt;&lt;/LI&gt;&lt;LI&gt;Once you're Powershell terminal is connected to Exchange Online, run the following command to register your application:&lt;BR /&gt;&lt;BR /&gt;&lt;STRONG&gt;New-ServicePrincipal -AppId &amp;lt;YOUR APP ID&amp;gt; -ObjectId &amp;lt;YOUR OBJECT ID&amp;gt; -DisplayName "NAME OF YOUR APP"&lt;/STRONG&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;/LI&gt;&lt;LI&gt;&lt;STRONG&gt;​&lt;/STRONG&gt;&lt;SPAN&gt;&lt;SPAN&gt;You can then verify the registration took place by executing this command:&lt;BR /&gt;&lt;BR /&gt;&lt;STRONG&gt;Get-ServicePrincipal | fl DisplayName,AppId,ServiceId​&lt;BR /&gt;&lt;/STRONG&gt;&lt;BR /&gt;&lt;/SPAN&gt;&lt;/SPAN&gt;&lt;/LI&gt;&lt;LI&gt;Now, you must grant the service principal access to the specific mailbox. You do that with the following command:&lt;BR /&gt;&lt;BR /&gt;&lt;STRONG&gt;Add-MailboxPermission -Identity &amp;lt;SPECIFIC MAILBOX ADDRESS&amp;gt; -User &amp;lt;APP OBJECT ID&amp;gt; -AccessRights FullAccess​&lt;/STRONG&gt;&lt;/LI&gt;&lt;/OL&gt;&lt;DIV&gt;At this point, you should be able to request an Application Access token, via the&lt;SPAN&gt;&amp;nbsp;&lt;A href="https://digitalexchange.blueprism.com/cardDetails?id=126392" target="_blank" rel="noopener"&gt;MSAL.NET&lt;/A&gt;&amp;nbsp;&lt;/SPAN&gt;VBO, and pass that into the POP3/SMTP/IMAP VBO, along with the mailbox address, and be able to connect to and retrieve email from said mailbox.&lt;/DIV&gt;&lt;DIV&gt;&amp;nbsp;&lt;/DIV&gt;&lt;DIV&gt;&lt;STRONG&gt;NOTE:&lt;/STRONG&gt; These directions do not include the steps necessary to create your initial application registration in Entra. For that, refer to the user guide included with the MSAL VBO.&lt;/DIV&gt;&lt;DIV&gt;&amp;nbsp;&lt;/DIV&gt;&lt;DIV&gt;If you don't want to mess with the Powershell and Exchange registration steps outlined above, the better option is to switch the using the Graph API. It is Microsoft's go-to API for most things these days.&lt;/DIV&gt;&lt;DIV&gt;&amp;nbsp;&lt;/DIV&gt;&lt;DIV&gt;Cheers,&lt;/DIV&gt;&lt;DIV&gt;Eric&lt;/DIV&gt;</description>
      <pubDate>Tue, 23 Jun 2026 14:45:44 GMT</pubDate>
      <guid>https://community.blueprism.com/t5/Digital-Exchange/Microsoft-Exchange-Online-and-POP3-Access/m-p/125757#M4696</guid>
      <dc:creator>ewilson</dc:creator>
      <dc:date>2026-06-23T14:45:44Z</dc:date>
    </item>
  </channel>
</rss>

