EWS API to get folder using AUTH returned Token in JAVA
We are trying to authenticate through Azure AD and return a token to do a call using EWS API.
if my scope https://outlook.office365.com/EWS.AccessAsUser.All/.default then it returns "com.microsoft.aad.msal4j.MsalServiceException: AADSTS500011: The resource principal named https://outlook.office365.com/EWS.AccessAsUser.All was not found in the tenant named company. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant."
If my scope https://outlook.office365.com/.default then it returns The request failed. The request failed. The remote server returned an error: (403)
Not sure if API permission is incorrect or something on my code?
App registration API permissions (https://i.sstatic.net/kDhjI.png)
I was expecting to authenticate and EWS API returns a list of folders.
For the delegated authentication the correct scope is
https://outlook.office365.com/EWS.AccessAsUser.All
you should not have /.default at the end that will make the scope invalid which is why your getting the error.
In the link you provided for the code it show you using the client credentials flow however in your permission list you don't list any application permissions. For EWS to use the client credentials flow you need to have the full_access_as_app permission eg 
The scope you then would use is
https://outlook.office365.com/.default
If you can't find the application permission in the UI you can add it by modifying the manifest see app only authentication in https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth
- Azure Service Plan - Convert Consumption App to Premium App
- No PK or FK when exporting SQL Server database
- Assigning a Token Lifetime Policy to an application in Microsoft EntraID seems to have no effect
- How to create a dataset for Azure custom speech using spx (speechCLI)
- Azure App Service Autoscale Fails to Scale In
- Azure Scale Out on Memory keeps flapping (not scaling in)
- Setting a server minimum for Azure Web App when using automatic scaling, from Bicep
- A keyvault created with access policy using BICEP creates compound identity
- Azure Loadbalancer with public IP forward traffic to Container Apps
- How to grant a Managed Identity permissions to an Azure SQL Database using IaC?
- What means skipNegotiation in SignalR HubConnection?
- Azure ClientCertificateCredential - Using SNI
- Azure AI Search MultiIndex / Conditional Semantic search
- MSAL Node service & The Partner Center API
- Load Registered Component in Azure ML for Pipeline using Python sdk v2
- Azure Blob:- How to automate Azure Archive Storage to Cool/Hot tier conversion, send download link once it's avaible , and re-archive after 72 hours?
- Azure App Service Custom Backup to Firewall Enabled Storage Account not working as expected
- How to take max value and replace it in drived column in data factory
- Synapse/ ADF - How to Truncate table if dynamic config column is True in pre-copy script
- Azure Cost Management - track costs associated with Databricks job
- Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)
- How to check Debug.Writeline() output in VS code?
- C# API - Provide download of files from Azure Blobstorage
- localhost:300/api is not working : "This page isn’t working"
- Creating an Azure Linux VM with Ubuntu 20.04 with Terraform
- Failed to deploy path that does not exist
- Using Azure WAF for my server(not in Azure)
- How and where to define an environment variable on Azure
- Azure Data Factory - Unable to preview data
- Azure yaml trigger pipeline every 14 days on a Saturday