How to send emails using Microsoft Graph API in .NET 6 + 7 as a background service
Do you need to send emails using Microsoft Graph in .NET? Have you ever been in the need for sending emails from your .NET application? In the past, we used to rely on SMTP clients but SMTP with basic authentication is not that secure anymore 🔓.
As of October 2022, Microsoft has disabled basic authentication for security reasons and we as developers have to comply with that in order to make our applications send emails if we use Microsoft as our service provider for sending emails 📧.
Microsoft has been telling developers for a few years that its SmtpClient is no longer recommended and Microsoft encourages developers to switch to a modern approach.
The SmtpClient type is obsolete on some platforms and not recommended on others; for more information, see the Remarks section.
You can read the full remarks section below.
Basic authentication has been disabled and we usually used that in combination with the SmtpClient. How do we move forward and make sure that our applications are able to send emails today, tomorrow, and next week from Office 365? 🤷♂️ Microsoft Graph is the answer to that 🙌.
Mass send emails using Azure
If you are looking for a way to send thousands of emails (+10.000) using Azure or just a good go-to service when sending emails using a background service, I would recommend you take a look at my article about using Azure Communication Services.
In short - Microsoft Graph is a set of restful HTTP APIs that allows us to interact with Microsoft 365. The API is capable of sending, reading, etc... emails on the Microsoft 365 platform (for your reference Office 365 is becoming Microsoft 365).
In order for our application to send emails without the user interacting we will configure it to run as a daemon. For the program to interact with Microsoft Graph we need to authenticate with an OAuth Access Token that has permissions defined in Azure.
If we were to develop an application where the user grants access to their account it would be easier as the user can make the request for the permissions by themself and allow the program to send emails using delegated permissions. However, that is not the case for this tutorial. We wanna do this as a background service/ a daemon.
In case we need to run this as a background service we can use an App Registration in Azure AD that already has the permissions assigned. The App Registration will provide us with a client id and client secret (you can see them as your old basic credentials), these details can be used to obtain a token from Microsoft 365.
How does that work? It requires some setup in Azure and you might need an administrator to accomplish the task (if you are located in an organization where the IT department has full control of your Azure tenant.)
Register and Configure an application in Azure
To get started you have to sign in to Azure and navigate to Azure AD. Click on App Registration in the menu on your left and click the + New Registration button in the window.
You can enter a name describing your application at a high level. The rest of the settings can you leave as default - our application is not using them.