My feature was built before /createReply existed and relies on:
Set a custom header with Outlook/Office 365 REST
to add References and In-Reply-To to an email. This allows the app to send email replies w/o requiring Mail.ReadWrite, which is much more access than we need:
https://learn.microsoft.com/en-us/graph/permissions-reference#mail-permissions
Read and write access to user mail
Allows the app to create, read, update, and delete email in user mailboxes. Does not include permission to send mail.
Now those headers no longer get added. (I also tried Cannot pass "In-Reply-To" parameter to Microsoft Graph sendMail and arrived at the same result as the author.)
Is there a way for me to get around this regression without requesting additional user permission? Thanks!
https://learn.microsoft.com/en-us/graph/api/user-sendmail?view=graph-rest-1.0&tabs=http
As of 2019-10-04, Microsoft published changes to their /reply endpoint which now allows for message:
https://learn.microsoft.com/en-us/graph/api/message-reply?view=graph-rest-1.0&tabs=http#request-body
https://github.com/microsoftgraph/microsoft-graph-docs/pull/5771
With the message field, I should be able to send replies w/o requesting additional permissions.
Related
I'm building my first Slack bot and I've got the basics mostly working... sending API requests, receiving commands and events, etc. But the part I'm left a bit confused about is what I'm supposed to do with the "Bot User OAuth Access Token".
The token appears to be shared across teams/workspaces, but it is returned to be during authentication of individual users with a call to /oauth.v2.access. Currently I'm storing the returned credentials payload in a table that has three columns:
My app's internal user ID
The Slack user ID embedded in the payload as authed_user.id
The entire JSON payload itself (jsonb in postgres if you're curious)
This allows me to initiate new API calls for actions that take place in my app (find by internal user ID) and also for interactions within Slack (find by Slack user ID).
What has left me a bit puzzled is what the convention is for when a user interacts with my bot that hasn't added my app. This can happen when a person ("Jose") adds my app and then their colleague ("Mary") discovers it in Slack and views the home screen, sends it a message, etc.
In order to take some action, such as prompt for the user to install my app, I need a token. Of course I have a token for Jose but not for Mary. I also have Jose's team ID stored in my table and Mary's team ID as part of the incoming event. So technically I could do something like this to get a working token to interact with Mary:
select credential_json from slack_credentials
where credential_json->>'type' = 'bot' and credential_json->'team'->>'id' = :marysTeamId
... which would pull out the bot token I captured when Jose added the app. This works, but it feels very wrong. I suppose if I just stored bot tokens in a separate table that looked like this:
The Slack team ID embedded in the payload as team.id
A subset of the JSON payload (ex: access_token, scope, bot_user_id, etc but not authed_user)
Then it wouldn't feel so yucky. But the docs + API ergonomics don't suggest this is a common approach either. So I'm curious what others do. If I don't hear anything back, I suppose my plan is to break out the bot tokens into a team-centric table.
Thanks!
The basic concept of Slack apps is that they are installed per workspace, not per user.
So while it's true that the app's token is derived from the user who installed your app to a new workspace, most the apps function are available to all users of the workspace.
e.g. slash commands will work for every user in every channel
e.g. posts of your app will be visible to all users of the related channel.
Therefore the best approach for storing tokens usually is with a primary key of Slack Team ID, Slack User ID.
And just to clarify. You do not need a token to prompt a user to install you app. Every app can be installed from webpage hosted by you (with the "Add to Slack button") or directly from the App Directory.
I have an Outlook Office-JS addin that adds what is basically a third-party send via an addin command button. In the background, this does some processing on the draft message then sends it via the Office365 / Graph send API: https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/message_send
I've verified when I do send the message from the backend component of my app, I do see that the e.g. reply headers are set correctly, but apparently this isn't enough to set the parent message as replied / forwarded in Outlook.
Given that, I'd like to manually set the parent message as replied to / forwarded when sending. From reading other posts it looks like the following attributes https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/pidtaglastverbexecuted-canonical-property could help me do that.
However, I'm not sure how to identity a draft message on either the Office-JS side or via the Graph API as a reply / forwarded email, nor do I know how to get the parent message (original email replied to / forwarded) handle or ID.
Currently you cannot get the state of a draft or the parent ID with Office JS. What is your scenario for saving a message as a draft and then sending with Graph? We track Outlook add-in feature requests on ourĀ user-voice page. Please add your request there. Feature requests on user-voice are considered when we go through our planning process.
I am using the Microsoft Graph SDK as downloaded from NuGet (1.2). I authenticate to Azure AD (using ADAL).
I am using Client Credentials flow (not authenticated as any particular user) and am using Application Permission roles to access resources.
We are going to set up one service mailbox with a bunch of aliases. The aliases are given to the clients. This is so they are emailing an address that has a meaningful name to them.
My app will run as a service, and routinely scan new emails in this inbox. It should find the To address, and depending on what alias was used, file the email in a location relevant to that client.
The resource I want is: GET /users/<id | userPrincipalName>/messages
However, there doesn't appear to be a method in the SDK for it.
I can get users with this:
IGraphServiceUsersCollectionPage filteredUsers =
graphApi.Users.Request()
.Filter("userPrincipalName eq 'user#domain.com'")
.GetAsync().Result;
When I loop through the collection, I can see that the User has a 'Messages' property, but it is always null.
If I manually build a request message with HttpClient I can get the messages.
The second problem is that the Recipient property is always the userPrincipalName of the mailbox. How can I get the alias that was used by the sender?
While you are able to get your collection of users successfully, you have to make another request to receive the messages. This would look something like:
IUserMessagesCollectionPage userMessages =
graphApi.Users["user_id"].Messages.Request()
.GetAsync().Result;
To answer your second question, at this time you cannot access the original recipient through the Graph API, but you can do this through EWS. This is due to the fact that you can only retrieve the SMTP message headers through EWS. You can read more about how to do this here.
If this is something you believe is valuable to you in the Graph, I would encourage you to post it in our UserVoice.
If you want to get the email as a file, you can simply get the body as bytes through the SDK:
byte[] asBytes = Encoding.Unicode.GetBytes(message.Body.ToString());
How do I send a facebook app requests from one mobile user to another using the Graph API?
I have looked at facebooks documentation but the only options I have found are to A) send an app to user message from the app (which I can't get working) or B) to use the request dialog, which doesn't seem to let me send a request to a single user.
FB has instructions for how to build a custom "Multi-Friend Selector" but apparently not for mobile.
I have tried using HTTP POSTing to
https://graph.facebook.com/%s?access_token= ...
with POST data set to
message='Test Message'
but I get
WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Failed to create any app request"
I have also tried in the Graph API Explorer but I get the same thing.
I don't want to send these messages to users that have installed the app and I don't mind the user having to provide confirmation for the FBFrictionlessRecipientCache. Also, my app is in Sandbox mode, but I only need to send the requests to the other developers.
I am looking for anything that will let me do multi-friend selectors or ask for lives, or get help from a friend, like I see in several mobile games these days.
You can use presentRequestsDialogModallyWithSession from FBWebDialogs.
You must specify a "to" parameter to identify the recipient, and you must use the FBFrictionlessRecipientCache.
The "to" parameter identifies the recipient. It stops the select user dialog from appearing.
The first time you send the request to each recipient the user will have to grant permission. After that, the FBFrictionlessRecipientCache will allow the request to be sent relatively silently (a dialog pops up briefly and goes away by itself).
My app creates an email that can have sensitive data in it (depending on the users perspective). Is there a way on the iphone's email client not save a copy in the Sent folder.
And in the same way, if the user choses they can send it via text..is there a way to not have it be in the Message streams.
I'm thinking there is not but I'd love confirmation of this if possible. I've been scouring but can't seem to tell if it's possible.
Thanks.
I'll break this into two parts:
Not putting a copy of a sent message in the sent folder:
There's no easy way to do this since you don't have access to a user's mail. You could have the user enter their email service's IMAP details and write your own mail sending implementation that then goes and deletes the sent message from the server, but it's possible that mail clients would keep a local copy regardless of what happens on the server if they grab the message before you delete it. Regardless, this is a really terrible user experience (having the user enter IMAP details, not using the built in mail composer) and it'd be difficult to write (and you would need to be insanely careful about deleting something from a user's mailbox, and you'd have to ask them if it's okay to do so).
Not showing a text message in a Messages app conversation stream:
There's actually a way to do this. Text messages can be sent to users via a specially formatted email address that's different for every cell service provider. For example, to send a text to a Verizon subscriber it'd be 5551239876#vtext.com. For this solution to work you'd need to send the message using some sort of automatically generated email address that you retrieve from a mail server you've created, and then you'd need to implement your own SMTP mailer on the device. Of course, a user can always request text message transcripts from their cell service provider (and some have easy access online) and there's no way around that.
How sensitive is this information? Email and text message aren't very secure protocols. You may want to consider alternative methods that provide encryption and authentication mechanisms.
No its not possible if you are using the built in mailer in iOS. Something you could do if you wanted to get around this would be to make a customer mailer, send the information to a server and send off the mail through code but this is quite a bit more work.