Permissions
To enable the lette.io proxy to pass emails from Exchange Online to your email client, two kinds of permissions are required:
- The permission to access Exchange Online via IMAPS needs to be granted.
- The lette.io proxy enterprise application requires access to the specific mailboxes configured for proxying.
Grant IMAPS permissions to Exchange Online
To enable the lette.io proxy to access Exchange Online via IMAPS, switch to the permissions tab in the lette.io console webinterface. In the proxy permissions table, click the Consent-link for the IMAP.AccessAsApp permission and confirm the requested consent.
Add permissions to your mailboxes
Export the list of configured emailaccounts
To grant the lette.io proxy access to the configured mailboxes, navigate to the email accounts tab in the console. Click the Export button and save the list of configured mailboxes on your local computer.
Install the required PowerShell modules to set the permissions
To use PowerShell to set the required permissions on your mailboxes, ensure the required modules are installed.
# install the Microsoft Graph module
Install-Module -Name Microsoft.Graph -Scope CurrentUser
# install the Exchange Online module
Install-Module -Name ExchangeOnlineManagement -Scope CurrentUser
Add the mailbox permissions
After installing the modules you can use the following PowerShell script to set the correct permissions for all the mailboxes previously configured in lette.io.
Please make sure to adjust the $Path
variable to match the
path used when exporting the list of email accounts from lette.io.
# SET THE PATH TO THE EXPORTED CSV
$Path = "C:\path\to\export.csv"
# connect to microsoft graph with the permission
# to query application registrations
Connect-MgGraph -Scopes "Application.Read.All"
# connect to exchange online
Connect-ExchangeOnline
# get the lette.io proxy enterprise application
$EnterpriseApp = Get-MgServicePrincipal -All | where AppId -eq "f6d655bc-5186-4027-b610-e3b59ae643fa"
# create a service principal if it not already exists
if (-not (Get-ServicePrincipal -Identity $EnterpriseApp.Id)){
New-ServicePrincipal -AppId $EnterpriseApp.AppId -ServiceId $EnterpriseApp.Id
}
# add permissions for each mailbox
foreach ($Record in Import-Csv -Path $Path){
Add-MailboxPermission -Identity $Record.mailaddress -User $EnterpriseApp.Id -AccessRights FullAccess
}
Next steps
The last step is to configure your email client to receive your emails through lette.io.