Send an Email with Warp 10 through Microsoft Graph

Learn how to send email from Warp 10 using Microsoft Graph.

This post will show how to send an email from Warp 10 with Microsoft 365 accounts, using Microsoft 365 API called Microsoft Graph. From Warp 10 (since v3.x), we will use HTTP and CAPADD.

Introduction

The article will be split into three parts:

Office365 Configuration
Warp 10 Configuration
Warpscript

What is Microsoft Graph?

Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Microsoft 365, Windows, and Enterprise Mobility + Security.

Use the wealth of data in Microsoft Graph to build apps for organizations and consumers that interact with millions of users.

Office365 Configuration

This configuration is an example, the configuration can changed following your company policies. To follow the configuration you need to:

🔹 Go to: entra.microsoft.com
🔹 In the search bar: App registrations
🔹 Select: App registrations
🔹 New registration:

Put a Name: W10SendMail
Choose your account Type
Let Url empty
Subscribe

🔹 Under Manage in the APP registration tab:

Go to Authorized APIs
Using (…), remove permission User.Read
Add a new permission
Select Microsoft Graph
Select app permission
Mail / Mail.Send (Send mail as any user)
Here you need to Grant admin consent (screenshot below)

Go to Certificates & secrets
New secret
Add Description / Expiration Date (Max period = 2 years)
WARNING: you must copy the value and save it somewhere safe: it will be called client_secret
Go to Overview and Copy:
- Application (client) ID: it will be called client_id
- Directory (tenant) ID: it will be called tenand_id

Warp 10 configuration

Config file

In our WarpScript we are going to use HTTP which is part of the io.warp10.script.ext.http.HttpWarpScriptExtension extension.

To activate it, you need to add these lines to your /opt/warp10/etc/conf.d/99-custom.conf:

warpscript.extension.http = io.warp10.script.ext.http.HttpWarpScriptExtension
warpscript.http.maxrequests = 2

The second line above will be useful because we need at least two requests in order to send an email.

Restart Warp 10 (if you setup a systemd unit).

sudo systemctl restart warp10.service

Token

Since 3.0.0, HTTP is protected by HTTP capability, make sure you have created a token with the correct capabilities. For our case, you can find below a demo-tokengen.mc2.

//   Copyright 2023  SenX S.A.S.
//
//   Licensed under the Apache License, Version 2.0 (the "License");
//   you may not use this file except in compliance with the License.
//   You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
//   Unless required by applicable law or agreed to in writing, software
//   distributed under the License is distributed on an "AS IS" BASIS,
//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//   See the License for the specific language governing permissions and
//   limitations under the License.
//
//
// This is a demo envelope for generating tokens.
// Create your own tokens for production use.
//
JSONPRETTY
'demo.CHANGEME' 'applicationName' STORE
NOW 14 d + MSTU / 'expiryDate' STORE
UUID 'ownerAndProducer' STORE
{
  'id' 'DemoReadToken'
  'type' 'READ'
  'application' $applicationName
  'owner'  $ownerAndProducer
  'issuance' NOW MSTU /
  'expiry' $expiryDate
  'labels' { }
  'attributes' {
    '.cap:http' '.*(microsoftonline.com|graph.microsoft.com).*' // urls will be used to Get token & send email
  }
  'owners' [ $ownerAndProducer ]
  'producers' [ $ownerAndProducer ]
  'applications' [ $applicationName ]
}
TOKENGEN

Learn more about the use of tokens in Warp 10.

WarpScript

Using Microsoft Graph documentation sendMail, need a Bearer {token}.

We need first to ask for a valid Token: Documentation & PostMan Example.

Let's do it with Warpscript:

// @endpoint http://yourserver:8080/api/v0/exec
<%
  SAVE 'context' STORE
  <%
    'xxxxx' 'client_id' STORE
    'xxxxx' 'client_secret' STORE
    'xxxx' 'tenand_id' STORE
    'sender@email.com' 'sender' STORE
    'dupont@dupont.com' 'emailAddress' STORE
    "token_with_capp" 'rt' STORE
    $rt CAPADD 
    // FIRST get access_token
    {
      'method' 'POST'
      'url' 'https://login.microsoftonline.com/' $tenand_id + '/oauth2/v2.0/token' +
      'headers' {
      "Host" "login.microsoftonline.com"
      "Content-Type"  "application/x-www-form-urlencoded"
      }
      'body'
      "client_id=" $client_id + "&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=" + $client_secret + "&grant_type=client_credentials" +
    } HTTP 'return' STORE
    $return 'content' GET 'utf-8' BYTES-> JSON-> 'access_token' GET 'access_token' STORE
    $access_token ISNULL NOT [ "access_token is empty: " $return  ] ->JSON ASSERTMSG 
    // Send Email
    {
      'method' 'POST'
      'url' 'https://graph.microsoft.com/v1.0/users/' $sender + '/sendMail' +
      'headers' {
        'Authorization'  $access_token
        'Content-Type' 'application/json'
      }
      'body'
      {
        'message' {
          'subject' 'Warp10SendEmail'
          'body' {    
            "content" "Hello, Warp10 just sent an email throught Microsoft Graph API."
            "contentType" "Text"
          }
          "toRecipients" [ 
          $emailAddress ';' SPLIT
          <%
            'mail' STORE
            { "emailAddress" { "address" $mail } } 
          %> FOREACH
       ]
        }
        'saveToSentItems' false
      } ->JSON
    } HTTP 'return' STORE
    $return "status.code" GET 202 == $return ->JSON ASSERTMSG 
  %>
  <%
    RETHROW
  %>
  <%
    $context RESTORE
  %> TRY
%>

Conclusion

You can now use Warp 10 to send emails with your Microsoft 365 portal. Please be aware that through Microsoft Graph, you can do much more operations than sending mail.