Information
  • Author: Appian Corporation
  • Type: Plug-in (Function & Smart Service)
  • Support: This is an Appian supported plug-in. To the extent that this plug-in does not conform to its documentation, please submit a ticket to Appian Technical Support. Appian does not support customer-created customizations or outdated versions of the plug-in.
  • Industry: All Industries
  • Compatible Version(s): 25.2
  • First Released:
  • Last Updated:
  • Cost: Free - Appian Supported
Share
Home » AppMarket » MSGraph Mail Poller

MSGraph Mail Poller

Overview

Need to poll emails from your Exchange server? This smart service can be used in a poller process and extract the data from the Microsoft Exchange server. Messages are stored in the Appian Document System, as well as the attachments. Meta data is stored in a database table for further processing.

This plug-in provides an alternative to sending emails to an Appian process model when inbound email integration is requested. Instead of the email being forwarded to Appian, this plug-in reads the emails directly from the Exchange mailbox using the MS Graph API as described below:

  • Reads the mailbox(including digitally signed emails) using the MS Graph API
  • Convert the email to an EML file stored as an Appian document, with attachments removed from it
  • Store all email attachments as separate Appian documents
  • Store all email metadata (subject, author, recipients, etc...) into a set of tables in the database

Key Features & Functionality

  • All information how to deploy, configure and use the smart service is in the 'MS Graph Mail Poller.pdf' document in the downloaded zip.
  • Extract the files in the ZIP and follow the instructions in the document.
  • This plugin currently supports only MySQL and Oracle databases.
Anonymous
Parents

  • Bearer Token Not Being Passed in Proxied Requests to Microsoft Graph API

    Issue Description:
    When using the MS Graph Mail Poller plugin (version 4.3.2) with proxy authentication enabled (isConnectedViaProxy = true), requests to Microsoft Graph API fail with HTTP 401 Unauthorized errors. The Bearer access token is not being included in the API requests.

    Root Cause:
    In the MSGraphConnector.java file, the OkHttpClient (serviceHttpClient) is being built at line 73 BEFORE the TokenCredentialAuthProvider is created at line 97-99. This means the HTTP client is constructed without any mechanism to attach authentication tokens to outgoing requests. Even though the TokenCredentialAuthProvider is later passed to the GraphServiceClient builder, the underlying HTTP client was already finalized without token support, so it never adds the Bearer token to requests.

    Suggested Fix:
    The code in the isConnectedViaProxy block needs to be restructured:

    1. Remove the early serviceHttpClient build (lines 67-73)
    2. Create the TokenCredentialAuthProvider first (before building the HTTP client)
    3. Use HttpClients.createDefault(tokenCredentialAuthProvider).newBuilder() to initialize the HTTP client builder - this ensures tokens are automatically included
    4. Add proxy settings, timeouts, and proxy authenticator to the builder
    5. Build the serviceHttpClient as the LAST step after all configuration is complete

    The key is using HttpClients.createDefault(tokenCredentialAuthProvider) which creates an OkHttpClient.Builder that's pre-configured to inject Bearer tokens into all requests. The current code bypasses this by creating a plain OkHttpClient.Builder without the token provider.

    Impact:
    Without this fix, proxy-authenticated environments cannot retrieve emails. With the fix, Bearer tokens are properly included and authentication succeeds.

Comment

  • Bearer Token Not Being Passed in Proxied Requests to Microsoft Graph API

    Issue Description:
    When using the MS Graph Mail Poller plugin (version 4.3.2) with proxy authentication enabled (isConnectedViaProxy = true), requests to Microsoft Graph API fail with HTTP 401 Unauthorized errors. The Bearer access token is not being included in the API requests.

    Root Cause:
    In the MSGraphConnector.java file, the OkHttpClient (serviceHttpClient) is being built at line 73 BEFORE the TokenCredentialAuthProvider is created at line 97-99. This means the HTTP client is constructed without any mechanism to attach authentication tokens to outgoing requests. Even though the TokenCredentialAuthProvider is later passed to the GraphServiceClient builder, the underlying HTTP client was already finalized without token support, so it never adds the Bearer token to requests.

    Suggested Fix:
    The code in the isConnectedViaProxy block needs to be restructured:

    1. Remove the early serviceHttpClient build (lines 67-73)
    2. Create the TokenCredentialAuthProvider first (before building the HTTP client)
    3. Use HttpClients.createDefault(tokenCredentialAuthProvider).newBuilder() to initialize the HTTP client builder - this ensures tokens are automatically included
    4. Add proxy settings, timeouts, and proxy authenticator to the builder
    5. Build the serviceHttpClient as the LAST step after all configuration is complete

    The key is using HttpClients.createDefault(tokenCredentialAuthProvider) which creates an OkHttpClient.Builder that's pre-configured to inject Bearer tokens into all requests. The current code bypasses this by creating a plain OkHttpClient.Builder without the token provider.

    Impact:
    Without this fix, proxy-authenticated environments cannot retrieve emails. With the fix, Bearer tokens are properly included and authentication succeeds.

Children
No Data
© 2026 Appian. All rights reserved.
We want to hear from you! Submit a review on Gartner or G2.