KeyHub needs to be able to send your users mail. KeyHub needs a mail server to do so. Exchange is a good option.
Using a Dedicated Exchange 365 Account with Application Impersonation Rights
-
Create a Dedicated Service Account:
- Log in to the Microsoft 365 Admin Center.
- Navigate to Users > Active users.
- Click on Add a user to create a new service account (e.g.,
serviceaccount@company.org).
-
Assign ApplicationImpersonation Rights:
- Open the Exchange Admin Center (EAC).
- Navigate to Permissions > Admin roles.
- Click on + Add a role group to create a new role group.
- Name it (e.g., "App Impersonation Role").
- Under Roles, click + Add roles and select ApplicationImpersonation.
- Under Members, click + Add and select the service account you created (
serviceaccount@company.org). - Click Save to apply the changes.
-
Configure Your Application:
- Use the
serviceaccount@contoso.orgcredentials in your application, and ensure it’s configured to send emails on behalf of users.
- Use the