This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 46%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECA%3C/text%3E%3C/svg%3E)
There is a method via Powershell that requires the Exchange.Manage permission and Exchange Administrator assigned role on a Service Principal. This method requires to connect to Exchange Online first and then running the New-TenantAllowBlockListItems cmdlet.
Is there a way to do this via Graph API? I see there is documentation for tenantAllowOrBlockListAction in beta, but at first glance I don't see the endpoint in Graph Explorer.
No, not yet at least. For the time being the only supported method for managing the TABL programmatically is via the above PowerShell cmdlet and its siblings.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 83%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENJ%3C/text%3E%3C/svg%3E)
Hi Chan, Alan,
Thank you for posting in the Q&A Forums.
You can use the Microsoft Graph API to read, create, update, and delete antispam policies that control email filtering behavior, including blocking and allowing based on specific conditions such as sender, recipient, subject, and so on.
The following are general steps for managing antispam policies through the Microsoft Graph API:
Obtain an access token: First, you need to obtain an access token through Azure AD that will be used for subsequent Graph API requests.
List Anti-Spam Policies: You can use the Graph API to list all current anti-spam policies to see which policies already exist and their configurations.
Create or Update Anti-Spam Policies: Depending on your needs, create new anti-spam policies or update existing policies to add or modify block and allow lists. This usually involves setting various properties of the policy, such as isEnabled, priority, mode (e.g., enable or testOnly), and conditions and actions.
Applying changes: Once you have created a policy or made changes to it, these changes are automatically applied to your Exchange Online environment.
Example
While I can't provide a complete example code (as it would involve multiple API calls and complex JSON loads), I can provide a conceptual example of a Graph API request for querying an anti-spam policy:
GET https://graph.microsoft.com/v1.0/security/antispamPolicies
Content-Type: application/json
Authorization: Bearer {access_token}
Cautions
Make sure that your application or service account has sufficient permissions to perform these actions. This typically means having the appropriate Azure AD role and Exchange Online administrative privileges.
Given the constant updates and changes to the Graph API, it is recommended that you consult the latest Microsoft Graph documentation for the latest information and examples.
For complex requirements, such as needing precise control over entries in block and allow lists, you may need to write more sophisticated logic to ensure that the policies implemented through the API match your business needs.
Best regards
NeuviJ
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.