I'm currently getting an Exchange Identity-Token via an Outlook Add-In. To validate this, I check if the part "msExchUid" of the token matches the field "msExchMailboxGuid" of my Active Directory.
Now I'm trying to do a similar check against the Azure Active Directory. The recommented way (by Microsoft) to get information from Azure is using Microsoft Graph. But after hours of research I found no way to get this specific MailboxGuid via Microsoft Graph.
I tried several REST-calls in the Graph-Explorer but neither "https://graph.microsoft.com/v1.0/me/mailboxsettings" nor "https://graph.microsoft.com/v1.0/me" did return the value I am looking for.
The only thing I found was the Outlook API which hands me the value named as "x-mailboxGuid" in the response-header when calling "https://outlook.office.com/api/beta/me/mailboxsettings".
But as Microsoft itself recommends to use Microsoft Graph for everything, I want to get the mailbox guid from there.
So my question is: Is there any way to get this value via Microsoft Graph?
You can use AutoDiscover to get that either the authenticate SOAP/POX version of the new v2 Autodiscover endpoint which you get with just an unauthenticated get to eg
Invoke-WebRequest https://outlook.office365.com/autodiscover/autodiscover.json/v1.0/user@domain.com?Protocol=Rest
And the Exchange Guid will be returned in the X-MailboxGuid header, the Exchange Guid isn't really considered private information so can you use that request to get anybodies Exchange guid that's hosted on Office365.