we changed the Mail.Read/Write settings, and for now we can send mail, Azure developer is not happy with this because documentation says
This task uses the Microsoft Graph API.
For this task to function correctly, Workflow needs to be granted application permissions for Microsoft Graph in the organization’s Azure instance.
It needs read access to the Users category ( User.Read.All ) so that the task can identify the users in the organization.
In addition, to send emails on any user’s behalf, the Mail.Send permission is required.
For more information on setting application permissions for Microsoft Graph, see Get access without a user - Microsoft Graph | Microsoft Learn.
As explained in the Microsoft documentation, the scope of the permissions depends on whether you are using delegated permissions or app permissions.
So for instance, with delegated permissions, the User.Read.All permission allows the application to “see” only the same users that the impersonated user can see. With app permissions, that same setting allows the application to see all users. The same principle applies to all Graph objects.
So if you want to restrict the scope of the permissions granted to Workflow, use delegated permissions.
“In addition, to send emails on any user’s behalf, the Mail.Send permission is required”
and the error comes on " https://graph.microsoft.com/v1.0/users/$From/messages/". I understand it has something to do with delegated permissions , the User.Read.All permission,