Mail.ReadWrite
Export JSON
Export CSV
Copy URL
Print
ApplicationDelegated
Read/Write
User Scope
Allows the app to create, read, update, and delete mail in all mailboxes without a signed-in user. Does not include permission to send mail.
Permission data: April 6, 2026 at 4:06 AM UTC
Delegated Access
App-Only Access
Permission Details
Application Permission
Read and write mail in all mailboxes
Allows the app to create, read, update, and delete mail in all mailboxes without a signed-in user. Does not include permission to send mail.
Permission ID:
e2a3a72e-5f79-4c64-b1b1-878b674786c9
Delegated Permission
User consent allowed
Read and write access to user mail
Allows the app to create, read, update, and delete email in user mailboxes. Does not include permission to send mail.
User sees: Allows the app to read, update, create and delete email in your mailbox. Does not include permission to send mail.
Permission ID:
024d486e-b451-40bb-833d-3e66d98c5c73
Properties
Microsoft Graph v1.0
mapped-docs
Properties is shown from stable Microsoft Graph v1.0 metadata.
| Property | Type | Description |
|---|---|---|
bccRecipients |
recipient collection |
The Bcc: recipients for the message. |
body |
itemBody |
The body of the message. It can be in HTML or text format. Find out about safe HTML in a message body. |
bodyPreview |
StringNullable |
The first 255 characters of the message body. It is in text format. |
ccRecipients |
recipient collection |
The Cc: recipients for the message. |
changeKey |
StringNullable |
The version of the message. |
conversationId |
StringNullable |
The ID of the conversation the email belongs to. |
conversationIndex |
Edm.BinaryNullable |
Indicates the position of the message within the conversation. |
createdDateTime |
DateTimeOffsetNullable |
The date and time the message was created. , , The date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. |
flag |
followupFlag |
Indicates the status, start date, due date, or completion date for the message. |
from |
recipient |
The owner of the mailbox from which the message is sent. In most cases, this value is the same as the sender property, except for sharing or delegation scenarios. The value must correspond to the actual mailbox used. Find out more about setting the from and sender properties of a message. |
hasAttachments |
BooleanNullable |
Indicates whether the message has attachments. This property doesn't include inline attachments, so if a message contains only inline attachments, this property is false. To verify the existence of inline attachments, parse the body property to look for a src attribute, such as <IMG src="cid:[email protected]". |
id |
String |
Unique identifier for the message. |
attachments |
attachment collection |
The fileAttachment and itemAttachment attachments for the message. |
categories |
string collection |
The categories associated with the item |
extensions |
extension collection |
The collection of open extensions defined for the message. Nullable. |
Showing 15 of 35 properties.
JSON Representation
Microsoft Graph v1.0
mapped-docs
JSON representation is shown from stable Microsoft Graph v1.0 metadata.
JSON representation
{
"bccRecipients": [
{
"@odata.type": "microsoft.graph.recipient"
}
],
"body": {
"@odata.type": "microsoft.graph.itemBody"
},
"bodyPreview": "string",
"categories": [
"string"
],
"ccRecipients": [
{
"@odata.type": "microsoft.graph.recipient"
}
],
"changeKey": "string",
"conversationId": "string",
"conversationIndex": "String (binary)",
"createdDateTime": "String (timestamp)",
"flag": {
"@odata.type": "microsoft.graph.followupFlag"
},
"from": {
"@odata.type": "microsoft.graph.recipient"
},
"hasAttachments": true,
"id": "string (identifier)",
"importance": "String",
"inferenceClassification": "String",
"internetMessageHeaders": [
{
"@odata.type": "microsoft.graph.internetMessageHeader"
}
],
"internetMessageId": "String",
"isDeliveryReceiptRequested": true,
"isDraft": true,
"isRead": true,
"isReadReceiptRequested": true,
"lastModifiedDateTime": "String (timestamp)",
"parentFolderId": "string",
"receivedDateTime": "String (timestamp)",
"replyTo": [
{
"@odata.type": "microsoft.graph.recipient"
}
],
"sender": {
"@odata.type": "microsoft.graph.recipient"
},
"sentDateTime": "String (timestamp)",
"subject": "string",
"toRecipients": [
{
"@odata.type": "microsoft.graph.recipient"
}
],
"uniqueBody": {
"@odata.type": "microsoft.graph.itemBody"
},
"webLink": "string",
"attachments": [
{
"@odata.type": "microsoft.graph.attachment"
}
],
"extensions": [
{
"@odata.type": "microsoft.graph.extension"
}
],
"multiValueExtendedProperties": [
{
"@odata.type": "microsoft.graph.multiValueLegacyExtendedProperty"
}
],
"singleValueExtendedProperties": [
{
"@odata.type": "microsoft.graph.singleValueLegacyExtendedProperty"
}
]
}Relationships
Microsoft Graph v1.0
mapped-docs
Relationships is shown from stable Microsoft Graph v1.0 metadata.
| Relationship | Type | Description |
|---|---|---|
attachments |
attachment collection |
The fileAttachment and itemAttachment attachments for the message. |
extensions |
extension collection |
The collection of open extensions defined for the message. Nullable. |
multiValueExtendedProperties |
multiValueLegacyExtendedProperty collection |
The collection of multi-value extended properties defined for the message. Nullable. |
singleValueExtendedProperties |
singleValueLegacyExtendedProperty collection |
The collection of single-value extended properties defined for the message. Nullable. |
bccRecipients |
recipient collection |
The Bcc: recipients for the message. |
categories |
string collection |
The categories associated with the item |
ccRecipients |
recipient collection |
The Cc: recipients for the message. |
internetMessageHeaders |
internetMessageHeader collection |
A collection of message headers defined by RFC5322. The set includes message headers indicating the network path taken by a message from the sender to the recipient. It can also contain custom message headers that hold app data for the message. Returned only on applying a $select query option. Read-only. |
replyTo |
recipient collection |
The email addresses to use when replying. |
toRecipients |
recipient collection |
The To: recipients for the message. |
mentions |
mention collection |
A collection of mentions in the message, ordered by the createdDateTime from the newest to the oldest. By default, a GET /messages does not return this property unless you apply $expand on the property. |
unsubscribeData |
string collection |
The valid entries parsed from the List-Unsubscribe header. This is the data for the mail command in the List-Unsubscribe header if UnsubscribeEnabled property is true. |
Graph Methods
Delegated access
App-only access
Exact Microsoft Learn match
Microsoft Graph v1.0 endpoints are mapped directly from refreshed Microsoft Learn permissions tables.
Exact Microsoft Learn match
Microsoft Graph beta endpoints are mapped directly from refreshed Microsoft Learn permissions tables.
Exact Microsoft Learn PowerShell match
Microsoft Graph PowerShell v1.0 commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.
Exact Microsoft Learn PowerShell match
Microsoft Graph PowerShell beta commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.
Code Examples
C# / .NET SDK
Add attachment
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new FileAttachment
{
OdataType = "microsoft.graph.fileAttachment",
Name = "name-value",
ContentType = "contentType-value",
IsInline = false,
ContentLocation = "contentLocation-value",
ContentBytes = Convert.FromBase64String("base64-contentBytes-value"),
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Me.Messages["{message-id}"].Attachments.PostAsync(requestBody);
JavaScript
Add attachment
const options = {
authProvider,
};
const client = Client.init(options);
const attachment = {
'@odata.type': 'microsoft.graph.fileAttachment',
name: 'name-value',
contentType: 'contentType-value',
isInline: false,
contentLocation: 'contentLocation-value',
contentBytes: 'base64-contentBytes-value'
};
await client.api('/me/messages/{id}/attachments')
.post(attachment);
PowerShell
Add attachment
Import-Module Microsoft.Graph.Mail
$params = @{
"@odata.type" = "microsoft.graph.fileAttachment"
name = "name-value"
contentType = "contentType-value"
isInline = $false
contentLocation = "contentLocation-value"
contentBytes = "base64-contentBytes-value"
}
# A UPN can also be used as -UserId.
New-MgUserMessageAttachment -UserId $userId -MessageId $messageId -BodyParameter $params
Python
Add attachment
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.file_attachment import FileAttachment
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = FileAttachment(
odata_type = "microsoft.graph.fileAttachment",
name = "name-value",
content_type = "contentType-value",
is_inline = False,
content_location = "contentLocation-value",
content_bytes = base64.urlsafe_b64decode("base64-contentBytes-value"),
)
result = await graph_client.me.messages.by_message_id('message-id').attachments.post(request_body)App Registration
1
Navigate to Azure Portal
Go to App registrations in Microsoft Entra admin center
2
Add API Permission
Select your app → API permissions → Add a permission → Microsoft Graph
3
Select Permission Type
Choose Application permissions or delegated permissions and search for Mail.ReadWrite
4
Grant Admin Consent
Application permissions always require admin consent.