Is it possible to download the eDiscovery exports download url like https://neur.proxyservice.ediscovery.office365.com/ediscovery/api/proxy/exportaedblobFileResult(...) using Azure App permissions programmatically?

Question

Is it possible to download the eDiscovery exports download url like https://neur.proxyservice.ediscovery.office365.com/ediscovery/api/proxy/exportaedblobFileResult(...) using Azure App permissions programmatically?

Suman Chukka 20

I used security.ediscovery Graph API to get the download url for the exports using Azure SP using app credentials, for example I got download url as https://neur.proxyservice.ediscovery.office365.com/ediscovery/api/proxy/exportaedblobFileResult(.............), is it possible to download programmatically using app credentials access token? When I am doing this, I am getting http 200 but some html content is downloading instead of actual file.

Ganesh Gurram 6,280 Reputation points Microsoft External Staff

2025-04-24T04:41:57.64+00:00

@Suman Chukka

Just checking in to see if the below answer helped. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Accepted answer

0 additional answers

Your answer

Ganesh Gurram 6,280 Reputation points Microsoft External Staff

2025-04-24T04:41:57.64+00:00

@Suman Chukka

Just checking in to see if the below answer helped. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Answer 1

Vasil Michev 117.1K MVP

You need to pass the X-AllowWithAADToken header in addition to the authentication one:

$authHeader = @{
'Content-Type'='application\json'
'Authorization'="Bearer $($token.AccessToken)"
'X-AllowWithAADToken' = "true"
}
 
$uri = 'https://neur.proxyservice.ediscovery.office365.com/ediscovery/api/proxy/exportaedblobFileResult(blablabla)'
Invoke-WebRequest -Uri $uri -Headers $authHeader -Verbose -OutFile "D:\Downloads\1.zip"

I have a more detailed explanation in this article: https://www.michev.info/blog/post/5806/using-the-graph-api-to-export-ediscovery-premium-datasets

Suman Chukka 20 Reputation points

2025-04-23T10:30:54.8466667+00:00

After adding 'X-AllowWithAADToken' = "true", now getting 401 error, went through the article, I don't see b26e684c-5068-4120-a679-64a5d2c909d9 resource (MicrosoftPurviewEDiscovery) in my tenant under all applications nor don't see the scope eDiscovery.Download.Read, Searched in the delegate permissions too, but can't find the SP id provided. Also it's mentioned only delegate permissions will work, will it not work with App permissions?
Vasil Michev 117.1K Reputation points MVP

2025-04-23T17:16:34.6433333+00:00

If the SP doesn't exist, you will need to create it, I cover the process in the article also. And yes, only delegate permissions are supported, see the note at the end of this article: https://learn.microsoft.com/en-us/graph/api/security-caseoperation-get?view=graph-rest-1.0&tabs=http
Ganesh Gurram 6,280 Reputation points Microsoft External Staff

2025-04-25T02:55:10.6066667+00:00

@Suman Chukka

Following up to see if the above answer helped. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Share via

Is it possible to download the eDiscovery exports download url like https://neur.proxyservice.ediscovery.office365.com/ediscovery/api/proxy/exportaedblobFileResult(...) using Azure App permissions programmatically?

0 additional answers

Your answer