‘Send Mail’ and ‘Get Mail’ will fail when targeting shared mailbox accounts despite the delegated user having access to the mailbox and despite the target application having the correct permissions in Azure Active Directory.
From my investigations, this was caused by the Office365ApplicationScope failing to ask for the following permissions when attempting to get an OAuth token (using the ‘interactivetoken’ argument):
Mail.ReadWrite.Shared
Mail.Send.Shared
Workaround - use Postman to request a token for yourself from the Azure app and specify that you need Mail.ReadWrite.Shared and Mail.Send.Shared in the ‘scope’ parameter. After approving, your account will then consent.
I think the Office365ApplicationScope assumes that an admin will grant permissions for shared mailboxes across the whole tenant, so it doesn’t need to ask for them. Can someone from the team aligned to this activity confirm/deny?
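An added example, not part of the original post and not UiPath code: a Python sketch of the workaround's authorization request with both shared-mailbox scopes in the `scope` parameter, plus a diagnostic that reads the `scp` claim of a delegated access token to show which of those scopes are absent. The tenant, client ID, redirect URI and sample tokens are constructed placeholders; the token is decoded without signature verification, so this is for troubleshooting only, not for authorization decisions.

```python
import base64
import json
import secrets
from urllib.parse import urlencode

# Delegated permissions named in the post.
SHARED_SCOPES = ("Mail.ReadWrite.Shared", "Mail.Send.Shared")

def build_authorize_url(tenant, client_id, redirect_uri, scopes=SHARED_SCOPES, state=None):
    """Build a Microsoft identity platform v2.0 authorization-code request URL."""
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "response_mode": "query",
        "scope": " ".join(scopes),                  # space-delimited scope list
        "state": state or secrets.token_urlsafe(16),  # anti-CSRF value
    })
    return f"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?{query}"

def token_scopes(access_token):
    """Return the delegated scopes ('scp' claim) of a JWT access token (unverified)."""
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64 padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    return set(claims.get("scp", "").split())

def missing_shared_scopes(access_token, required=SHARED_SCOPES):
    """List the required scopes that the token does not carry."""
    granted = {s.lower() for s in token_scopes(access_token)}
    return [s for s in required if s.lower() not in granted]

def constructed_token(scp):
    """Build an unsigned sample token for the demo (constructed, not a real token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc({"scp": scp}), "sig"])

if __name__ == "__main__":
    # Placeholder tenant, client ID and redirect URI (assumptions).
    print(build_authorize_url("contoso.onmicrosoft.com",
                              "00000000-0000-0000-0000-000000000000",
                              "http://localhost"))
    without_shared = constructed_token("Mail.ReadWrite Mail.Send User.Read")
    with_shared = constructed_token("Mail.ReadWrite.Shared Mail.Send.Shared User.Read")
    print("missing:", missing_shared_scopes(without_shared))
    print("missing:", missing_shared_scopes(with_shared))
```
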