Configure Email Notifications
The portal can send email notifications for:
- Request submitted confirmations
- Approval required notifications to approvers
- Request approved/rejected notifications to requestors
Prerequisites
Section titled “Prerequisites”- Mail.Send permission on the App Service managed identity. It is granted during setup by the Grant Microsoft Graph permissions step, so it is normally already in place.
- A user mailbox or shared mailbox to send emails from.
Confirm Mail.Send is granted
Section titled “Confirm Mail.Send is granted”Mail.Send is part of the managed-identity permission grant you ran during setup, so it is normally already in place.
If you are enabling email after the initial install and it was not granted, re-run the Grant Microsoft Graph permissions snippet. It is idempotent (already-granted permissions are skipped) and Mail.Send is included in its list.
To confirm: go to Azure Portal > Microsoft Entra ID > Enterprise applications, set the Application type filter to Managed Identities, select the App Service by name, and check Permissions for Mail.Send.
Get the user object ID
Section titled “Get the user object ID”You need the Object ID of the user or shared mailbox that will send emails:
- Go to Azure Portal > Microsoft Entra ID > Users.
- Search for and select the user (or shared mailbox).
- Copy the Object ID from the Overview page.
Option A: configure via portal settings UI (recommended)
Section titled “Option A: configure via portal settings UI (recommended)”- Go to Admin > Communications tab.
- Under Email Notifications:
- Toggle Enable email notifications on.
- Enter the Send As User ID (Object ID of mailbox).
- Enter the From Address (email address).
- Enter the Portal URL (for email links).
- Select Save Settings.
Option B: configure via appsettings.json
Section titled “Option B: configure via appsettings.json”Update appsettings.json:
{ "EmailSettings": { "SendAsUserId": "user-object-id-here", "FromAddress": "apprequest-noreply@yourdomain.com", "PortalUrl": "https://your-portal-url.com" }}| Setting | Description |
|---|---|
SendAsUserId | The Object ID of the user or shared mailbox to send emails from. If empty, email notifications are disabled. |
FromAddress | The email address shown in the From field (should match the mailbox). |
PortalUrl | The URL of your portal, used for links in email notifications. |
Test email notifications
Section titled “Test email notifications”- Submit an app request.
- Check that the requestor receives a confirmation email.
- Check that approvers receive an approval request email.
- Approve or reject the request and verify the requestor receives the result notification.
Troubleshooting email issues
Section titled “Troubleshooting email issues”- 403 Forbidden: Ensure the App Service managed identity has the
Mail.Sendpermission (re-run the grant snippet if needed). - User not found: Verify the
SendAsUserIdis a valid Object ID. - Email not sent: Check the API logs for detailed error messages.
Next step
Section titled “Next step”Continue to Configure Microsoft Teams Bot (optional).