Specify the Headers for Office 365 Push Notifications

91 views Asked by At

I am creating Outlook subscriptions as outlined here, and setting the NotificationURL to an endpoint on AWS API Gateway. This works as expected.

However, the endpoint is now being locked down, and will require an authorization token and API key to access.

How can I set the headers on the push notifications being sent from Office 365?

1

There are 1 answers

0
Benoit Patra On BEST ANSWER

I do not think you can authenticate the request sent from Office 365 REST API services by setting a bearer or something like that.

The NotificationURL you give to Office 365 REST services must be accessible publicly. But the rest of your API can be accessible only through authentication. Of course you must implement/check the ValidationToken or SubscriptionId to avoid being hacked by malicious REST calls faking Outlook subscriptions.