backupchecks

History

Ivo Oskamp 80f4052756 Enhance Mail Import Setup with Application Access Policy security Enhanced Mail Import Setup documentation with additional security measures: - Step 1.3: Start with Mail.Read only (read-only) for initial testing - Step 1.4 (NEW): Restrict access to one mailbox via Application Access Policy - Exchange PowerShell commands to create and test policy - Ensures app can only access backup mailbox, not all tenant mailboxes - Marked as "Optional but Recommended" following principle of least privilege - Step 1.5: Add Mail.ReadWrite after testing (moved from 1.3) - Updated Security Best Practices section to emphasize mailbox restriction - Added security notes about starting read-only and rotating secrets (12 months) Based on setup documented in /docker/develop/HOWTO-CREATE-GRAPH-APP.md Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-02-08 16:00:55 +01:00
..
backupchecks	Enhance Mail Import Setup with Application Access Policy security	2026-02-08 16:00:55 +01:00

Ivo Oskamp 80f4052756 Enhance Mail Import Setup with Application Access Policy security

Enhanced Mail Import Setup documentation with additional security measures:
- Step 1.3: Start with Mail.Read only (read-only) for initial testing
- Step 1.4 (NEW): Restrict access to one mailbox via Application Access Policy
  - Exchange PowerShell commands to create and test policy
  - Ensures app can only access backup mailbox, not all tenant mailboxes
  - Marked as "Optional but Recommended" following principle of least privilege
- Step 1.5: Add Mail.ReadWrite after testing (moved from 1.3)
- Updated Security Best Practices section to emphasize mailbox restriction
- Added security notes about starting read-only and rotating secrets (12 months)

Based on setup documented in /docker/develop/HOWTO-CREATE-GRAPH-APP.md

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-08 16:00:55 +01:00

backupchecks

Enhance Mail Import Setup with Application Access Policy security

2026-02-08 16:00:55 +01:00