Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Disable OWA using AzureAD Connector

billychanjy
New Contributor II
New Contributor II

Hi everyone,

 

We are implementing outlook email provisioning where we use AzureAD connector to create account and provision Office 365 E1 license for email.

 

Client wants to disable Outlook on the Web (OWA) upon creating the account and assigned with the license.

 

Are there solutions on using AzureAD connector to disable Outlook on the Web (OWA)?

If not, are there ways to cater this use case?

 

Thanks in advance.

5 REPLIES 5

rushikeshvartak
All-Star
All-Star

Using Microsoft Graph API

You can also use the Microsoft Graph API to manage user settings, including disabling OWA. This would involve making a POST request to the Graph API endpoint to update the user’s mailbox settings.

Here's a simplified example of how you might approach this with the Graph API:

You would need to have appropriate permissions to update mailbox settings and handle authentication for the API calls.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi Rushikesh,

I've checked the properties under mailboxSettings through this website - mailboxSettings resource type - Microsoft Graph v1.0 | Microsoft Learn

It seems like there is no property "owaEnabled" under mailboxSettings, could you suggest an alternative method?

Thanks.

Did you tried from postman ?


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi Rushikesh,

Yes, we tried to use the Microsoft Graph API to trigger in Saviynt.
Below is the result.

azure_disableOWAissue.jpeg

 

 

Thanks.

Alternative: Microsoft Graph API (via Conditional Access Policies)

If you're set on using the Graph API, you can achieve something similar by enforcing Conditional Access Policies to block access to OWA. This approach, however, doesn’t disable OWA outright, but it restricts access.

Here’s an outline:

  1. Create a Conditional Access Policy that blocks access to "Exchange Online" for the specific user or group and applies only to the "Web" client (which is OWA).

  2. Use Microsoft Graph API to manage Conditional Access policies:


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.