Skip to content

Permissions

To enable the lette.io proxy to pass emails from Exchange Online to your email client, two kinds of permissions are required:

  • The permission to access Exchange Online via IMAPS needs to be granted.
  • The lette.io proxy enterprise application requires access to the specific mailboxes configured for proxying.

Grant IMAPS permissions to Exchange Online

To enable the lette.io proxy to access Exchange Online via IMAPS, switch to the permissions tab in the lette.io console webinterface. In the proxy permissions table, click the Consent-link for the IMAP.AccessAsApp permission and confirm the requested consent.

Add permissions to your mailboxes

Export the list of configured emailaccounts

To grant the lette.io proxy access to the configured mailboxes, navigate to the email accounts tab in the console. Click the Export button and save the list of configured mailboxes on your local computer.

Install the required PowerShell modules to set the permissions

To use PowerShell to set the required permissions on your mailboxes, ensure the required modules are installed.

# install the Microsoft Graph module
Install-Module -Name Microsoft.Graph -Scope CurrentUser

# install the Exchange Online module
Install-Module -Name ExchangeOnlineManagement -Scope CurrentUser

Add the mailbox permissions

After installing the modules you can use the following PowerShell script to set the correct permissions for all the mailboxes previously configured in lette.io.

Please make sure to adjust the $Path variable to match the path used when exporting the list of email accounts from lette.io.

# SET THE PATH TO THE EXPORTED CSV
$Path = "C:\path\to\export.csv"

# connect to microsoft graph with the permission
# to query application registrations
Connect-MgGraph -Scopes "Application.Read.All"

# connect to exchange online
Connect-ExchangeOnline

# get the lette.io proxy enterprise application
$EnterpriseApp = Get-MgServicePrincipal -All | where AppId -eq "f6d655bc-5186-4027-b610-e3b59ae643fa"

# create a service principal if it not already exists
if (-not (Get-ServicePrincipal -Identity $EnterpriseApp.Id)){
  New-ServicePrincipal -AppId $EnterpriseApp.AppId -ServiceId $EnterpriseApp.Id
}

# add permissions for each mailbox
foreach ($Record in Import-Csv -Path $Path){
  Add-MailboxPermission -Identity $Record.mailaddress -User $EnterpriseApp.Id -AccessRights FullAccess
}

Next steps

The last step is to configure your email client to receive your emails through lette.io.