Office365 autodiscover.xml returns 403 Forbidden
I'm working on a simple benchmark script that requires information provided by https://outlook.office365.com/autodiscover/autodiscover.xml. I am using basic authentication with my outlook.com email credentials and it works fine when testing from my computer.
When I shared the script with my colleague (using the same credentials) he was getting a 403 Forbidden response for the request. After some trial and error, it seems like the script is working from multiple different networks inside my country but as soon as I run it from a different country, I get the 403 Forbidden. Since this is a benchmark script it is essential I use the same credentials.
I cannot get any information as to what might cause the issue, given that the script is always the same, I suspect this could be a security feature preventing a user to authenticate from different countries, but I was unable to find any documentation or even mention of it.
Does anyone have an idea what might be causing the 403?
I found the answer. When a request against autodiscover.xml and other APIs is sent from a country/region that has no previous logins through the website, API requests are responded with 403 Forbidden and marked as Unusual activity in Activity log:
After logging in to the account using the browser from that country/region API requests started to work in a few minutes. At this point, I don't know for how long the country/region will be whitelisted before I will have to redo a manual login.
- How to Get the Current User's Email Address in a Windows Office Network Using C#
- Connect-ExchangeOnline with German 0365 cloud always times out
- Can I use NOT or 'only if' in Exchange message rules?
- MAPI cannot read all entries of the global address list (GAL) anymore in Exchange Online since January 2024
- Microsoft Graph API - "Decline event" call fails
- EWS Streaming Subscription with Exchange Online
- Exchange Web Services: Unsubscribe from Events
- Can there be multiple DKIM and SPF records on one domain (alongside Microsoft Exchange hosted email)?
- Fast Transfer Stream Parser EWS Export Items
- In Exchange 2019 on-prem, how do I configure send connectors to disable DNS lookups?
- Is there a method to set the replyTo header of an email using Exchange Web Service (EWS)?
- Connecting to EWS using VBA - Retrieve data using GET call via XML
- Powershell Try/catch - get-user
- Executing a Powershell script from PHP
- Can we get messages from outlook grouped by conversations with REST API
- EWS Managed API Getting Error "DTD dtd is prohibited in this xml document"
- Mailboxusage report via Graph api gives back hash values
- Autologin to Outlook in Domain with Exchange 2016
- How to speed up PowerShell script to pull Get-EXOMailbox and Get-EXOMailboxStatistics info with formating on 18k mailboxes
- How to Properly Export CSV for Get-Mail Results?
- Add and Update custom property for Exchange Email
- Getting a sent MailMessage into the "Sent Folder"
- Losing vowel mutations in Powershell type convertion
- Filter recipients on having email address(es) from an array of email domains
- Perl change Email Subject
- exchangelib - All steps in the autodiscover protocol failed
- Exchange Web Services - Send email with attachment
- Updating the subject of a M365 recurring calendar event instance
- What caches the mailSettings of my ASP application?
- how to create recurring meeting weekly, monthly and yearly in exchange mailbox calendar using EWS Managed API in PowerShell