Skip to content

Configure Email Notifications

Configure Email Notifications

The portal can send email notifications for:

  • Request submitted confirmations
  • Approval required notifications to approvers
  • Request approved/rejected notifications to requestors
  1. Mail.Send permission on the App Service managed identity. It is granted during setup by the Grant Microsoft Graph permissions step, so it is normally already in place.
  2. A user mailbox or shared mailbox to send emails from.

Mail.Send is part of the managed-identity permission grant you ran during setup, so it is normally already in place.

If you are enabling email after the initial install and it was not granted, re-run the Grant Microsoft Graph permissions snippet. It is idempotent (already-granted permissions are skipped) and Mail.Send is included in its list.

To confirm: go to Azure Portal > Microsoft Entra ID > Enterprise applications, set the Application type filter to Managed Identities, select the App Service by name, and check Permissions for Mail.Send.

You need the Object ID of the user or shared mailbox that will send emails:

  1. Go to Azure Portal > Microsoft Entra ID > Users.
  2. Search for and select the user (or shared mailbox).
  3. Copy the Object ID from the Overview page.
Section titled “Option A: configure via portal settings UI (recommended)”
  1. Go to Admin > Communications tab.
  2. Under Email Notifications:
    • Toggle Enable email notifications on.
    • Enter the Send As User ID (Object ID of mailbox).
    • Enter the From Address (email address).
    • Enter the Portal URL (for email links).
  3. Select Save Settings.

Update appsettings.json:

{
"EmailSettings": {
"SendAsUserId": "user-object-id-here",
"FromAddress": "apprequest-noreply@yourdomain.com",
"PortalUrl": "https://your-portal-url.com"
}
}
SettingDescription
SendAsUserIdThe Object ID of the user or shared mailbox to send emails from. If empty, email notifications are disabled.
FromAddressThe email address shown in the From field (should match the mailbox).
PortalUrlThe URL of your portal, used for links in email notifications.
  1. Submit an app request.
  2. Check that the requestor receives a confirmation email.
  3. Check that approvers receive an approval request email.
  4. Approve or reject the request and verify the requestor receives the result notification.
  • 403 Forbidden: Ensure the App Service managed identity has the Mail.Send permission (re-run the grant snippet if needed).
  • User not found: Verify the SendAsUserId is a valid Object ID.
  • Email not sent: Check the API logs for detailed error messages.

Continue to Configure Microsoft Teams Bot (optional).