- Products
- Solutions Use casesBy industry
- Developers
- Resources Connect
- Pricing
Microsoft’s Exchange Web Services (EWS) API provides users with an intuitive interface that allows developers to add full Exchange data and functionality into their app. With direct SOAP implementation, clients can send and receive web service messages from client applications, portal applications, and service applications, an access nearly all the information stored in an Exchange Online, Exchange Online as part of Office 365, or an Exchange server mailbox by simply using the EWS Managed API.
This article will cover the major components of the EWS API and explain just what it takes to build a full integration with EWS accounts. It will also demonstrate how the Nylas Communications Platform abstracts away much of the complexity of building a direct integration with the Microsoft EWS API, enabling you to build your email, calendar and contacts integration seamlessly and efficiently.
Contents:
There are two primary way to setup an EWS environment for development purposes:
Once that is established, you are ready to authenticate your development environment, utilizing standard web authentication protocols to help secure the communication between your application and the Exchange server. For those users that are targeting Exchange Online, the authentication method that you choose must use HTTPS to encrypt the requests and responses that your application sends. We recommend that you use HTTPS for any request that your application sends to an EWS endpoint to help secure communication between your application and an Exchange server.
Exchange provides two authentication options: OAuth 2.0 for Exchange Online, and NTLM for on-premises installations of Exchange. Let’s take a look at how to use these authentication mechanisms.
OAuth is the gold standard for app to app authentication, and it should be used whenever possible. We recommend all applications use OAuth to connect to all Exchange Online services. The advantage in security over basic authentication is worth the additional work required to implement OAuth in your application. With that important point out of the way, there are also some disadvantages that you should be aware of.
In order to minimize these disadvantages, we recommend using the Microsoft Azure Active Directory Authentication Library (ADAL) to authenticate users to Active Directory Domain Services (AD DS) in the cloud or on-premises and then obtain access tokens for securing calls to an Exchange server. Exchange Online requires tokens issued by the Azure Active Directory service, which is supported by the ADAL. But you can use any third-party library for this action.
Microsoft offers two types of OAuth permissions to access EWS APIs in Exchange Online, delegated permissions and application permissions. Before you proceed with the tutorial, you will need to choose the specific permission type you wish to use:
To use EWS OAuth, you first need to register your application, and get an application ID issued by Azure Active Directory. The EWS docs contain a bunch of code examples that demonstrate how to get access tokens for delegated and application permissions.
NTLM authentication is only available for on-premises servers. For applications that run inside of a corporate firewall, integration between NTLM authentication and the .NET Framework provides a built-in means to authenticate your application:
Take a look at the NTLM Authentication code examples in the docs to learn more about how to use this feature.
The Nylas Communications Platform integrates with 100% of email, calendar, and contacts providers, including Exchange, Office365, and Outlook. With Nylas, you can build a full email, calendar, and contacts integration in a fraction of the time it would take to build a direct integration with Exchange. Let’s take a look at the features Nylas offers to make it dead simple to build your first email, calendar, and contacts integration.
Nylas Hosted Auth is the quickest and easiest way to setup user authentication for your app. Simply redirect users to a Nylas login page and we’ll handle the rest including auto-detection of third party providers and managing token exchanges with providers like Microsoft.
The Nylas Hosted Auth process is very similar to authentication with the the EWS OAuth authentication, but with some added magic to make your life much easier.
Then, you can make a request to the Account endpoint to return information about the connected user account.
$ curl -X GET https://api.nylas.com/account -H 'Authorization: Basic SVNz****' { "id": "awa6ltos***", "account_id": "awa6lto***", "object": "account", "name": "Your User", "email_address": "[email protected]", "provider": "eas", "organization_unit": "folder", "sync_state": "running", "linked_at": 1470231381, }
Ultimately, Nylas allows you to more quickly build your email, calendar, and contacts integration so you can spend more time building the features your users love. There’s no need to become an expert at Exchange integrations when you build with Nylas.
The Nylas Email API provides full access to your Exchange email inboxes to ingest email data, manage and download email attachments, create drafts and send emails, and search email inboxes for specific content.
Here’s an example that requests the latest email message from a user’s inbox:
$ curl -X GET 'https://api.nylas.com/messages?limit=1' -H 'Authorization: Bearer ACCESS_TOKEN' [ { "subject": "Got some torpedos you need to stop?", "body": "Have you heard about our new torpedo-jamming technology? ", "from": [ { "email": "[email protected]", "name": "Hedy Lamarr" } ], "to": [ { "email": "james****@yahoo.com", "name": "" } ], "date": 1557950729, "folder": { "display_name": "Inbox", "id": "7hcg****", "name": "inbox" }, "unread": true, "starred": false, ... } ]
The Nylas Calendar API enables full access to Exchange calendar and event data, and allows you to schedule events and send RSVP notifications.
Let’s take a look at a request to get a specific event off a user’s calendar
$ curl -X GET 'https://api.nylas.com/events/{id}' -H 'Authorization: Bearer ACCESS_TOKEN' { "title": "Meeting: Player Piano Radios", "description": "Let's chat about our new torpedo jamming technology.", "location": "Vienna", "owner": "Hedy Lamarr <[email protected]>", "participants": [ { "email": "[email protected]", "name": "Hedy lamarr", "status": "yes" }, { "email": "[email protected]", "name": "Your User", "status": "yes" }, ], "when": { "object": "timespan", "end_time": 1408123800, "start_time": 1408120200 }, "read_only": false, "busy": true, "status": "confirmed", ... }
The Nylas Contacts API makes it easy to enrich your user’s experience with detailed information about the people in their Exchange Contacts Book.
Here’s an example of what a user’s contact looks like with the Nylas Contacts API:
$ curl -X GET 'https://api.nylas.com/contacts/{contact_id}' -H 'Authorization: Bearer ACCESS_TOKEN' { "birthday": "1960-12-31", "company_name": "Player Piano Radios", "emails": [ { "email": "[email protected]", "type": "work" } ], "given_name": "Hedy", "surname": "Lamarr", "job_title": "Radio Frequency Controller", "notes": "Has some interesting theories about torpedos involving player pianos", "office_location": "Vienna", "phone_numbers": [ { "number": "1 110 919 1485", "type": "business" } ], ... }
Here are some resources to help you learn how to get started with Nylas.
Learn how to create an appointment scheduler in your React app using Nylas Scheduler. Streamline bookings and UX with step-by-step guidance.
Dive into the world of smart Web Components for advanced API integration solutions. Design elegant, customizable elements to elevate user experiences.
Elevate your app’s scheduling with a React calendar component and seamlessly integrate with Nylas for efficient calendar management.
Ben is the Developer Advocate for Nylas. He is a triathlete, musician, avid gamer, and loves to seek out the best breakfast tacos in Austin, Texas.