This group is used to lock down your Graph Registered app to a mailbox. Here we will create a mailbox and create the mail-enabled security group that this user will own.

1. Create a new mailbox. Name it “xxx-graph-integration@examplecorp.com”. This is now our MAILBOX_USERNAME

2. In the Exchange Admin area, go to Groups

3. Hit Add Group

4. Choose a type of Mail-enabled security

5. Set the name to something like “xxx-graph integration for Example Corp”

6. Set a Group email address for this. This will be our SECURITY_GROUP_EMAIL

7. Check the box for “Require owner approval to join the group”

8. Hit Create group

9. Now add the MAILBOX_USERNAME as an Owner and Member of the group. NOTE: Any other Owners or Members mailboxes will be accessible via the Graph integration. It is strongly advised you remove these other members.