If you only need the shared mailbox, create one EmailEngine account for it and let an authorised user grant consent during OAuth 2.0 login.
Request — POST /v1/account
{
"account": "shared", // optional; null ⇒ auto-generated
"name": "Shared mailbox",
"email": "shared@example.com",
"oauth2": {
"provider": "AAABkwrwyA8AAAAm", // ID of the MS365 OAuth2 provider in EmailEngine
"authorize": true, // ask EmailEngine to return an auth URL
"redirectUrl":"https://emailengine.app/", // user is sent here after consent
"auth": {
"delegatedUser": "shared@example.com" // address or objectId of the shared mailbox
}
}
}
Response
{
"redirect": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e887..."
}
Send the redirect
URL to a user who already has Full Access to the shared mailbox.
After they sign in and accept the scopes, EmailEngine stores the tokens and the new shared account appears in the account listing. A separate personal-mailbox account is not required.
Field notes
account
– unique EmailEngine ID; set null
to auto-generate.
email
– email address of the shared mailbox. Usually identical to oauth2.auth.delegatedUser
unless you provide an objectId in that field.
oauth2.auth.delegatedUser
– the shared mailbox’s address or objectId, not the credentials of the user who signs in.
- The signing-in user’s own mailbox is never added to EmailEngine; their login is used solely to authorise the shared mailbox.
Once consent is complete, call any EmailEngine REST endpoint against the "shared"
account exactly as you would for a normal mailbox.