Enterprise Applications: Restricting Application Mailbox Access

Limiting application permissions to specific Exchange Online mailboxes.

PowerShell

Connect-ExchangeOnline

# Application Client Id
$clientId = ''
# The PolicyScopeGroupId is a UserMailbox, MailUser or
# MailUniversalSecurityGroup (containing mailboxes)
$policyScopeGroupId = ''
$description = ''
$params = @{
    AppId = $clientId
    PolicyScopeGroupId = $policyScopeGroupId
    AccessRight = 'RestrictAccess'
    Description = $description
}
# Minimum Exchange role required: OrganizationConfiguration 
New-ApplicationAccessPolicy @params

Dependencies

Exchange Online PowerShell

Install-Module ExchangeOnlineManagement -AllowClobber -Force