ClawHub
Skill flagged — review recommended

ClawHub Security found sensitive or high-impact capabilities. Review the scan results before using.

Outlook Delegate

Read, search, and manage Outlook emails and calendar via Microsoft Graph API with delegate support. Your AI assistant authenticates as itself but accesses the owner's mailbox/calendar as a delegate. Modified for delegate access from https://clawhub.ai/jotamed/outlook

Audits

Suspicious
ClawScanSuspicious

Agentic behavior and permission review.

Static analysisPass

Pattern checks against bundled files.

VirusTotalPass

Multi-engine malware detections and file reputation.

Install

openclaw skills install outlook-skill-clawhub

Outlook Delegate Skill

Access another user's Outlook/Microsoft 365 email and calendar as a delegate via Microsoft Graph API.

Delegate Architecture

This skill is designed for scenarios where:

  • Your AI assistant has its own Microsoft 365 account (e.g., assistant@domain.com)
  • The owner has granted the assistant delegate access to their mailbox/calendar
  • The assistant authenticates as itself but accesses the owner's resources

What Changed from Direct Access

FeatureDirect Access (/me)Delegate Access (/users/{id})
API Base/me/messages/users/{owner}/messages
Send EmailAppears "From: Owner"Appears "From: Assistant on behalf of Owner"
CalendarFull controlBased on permission level granted
PermissionsMail.ReadWrite, Mail.SendMail.ReadWrite.Shared, Mail.Send.Shared, Calendars.ReadWrite.Shared

Configuration

Config File: ~/.outlook-mcp/config.json

{
  "client_id": "your-app-client-id",
  "client_secret": "your-app-client-secret",
  "owner_email": "owner@domain.com",
  "delegate_email": "assistant@domain.com"
}

The owner_email is the mailbox the assistant will access as a delegate.

Setup Requirements

1. Azure AD App Registration

The app registration needs delegated permissions (not application permissions):

  • Mail.ReadWrite.Shared - Read/write access to shared mailboxes
  • Mail.Send.Shared - Send mail on behalf of others
  • Calendars.ReadWrite.Shared - Read/write shared calendars
  • User.Read - Read assistant's own profile
  • offline_access - Refresh tokens

2. Exchange Delegate Permissions (Admin or Owner)

The owner must grant the assistant delegate access via Exchange/Outlook:

PowerShell (Admin):

# Grant mailbox access
Add-MailboxPermission -Identity "owner@domain.com" -User "assistant@domain.com" -AccessRights FullAccess

# Grant Send-on-Behalf
Set-Mailbox -Identity "owner@domain.com" -GrantSendOnBehalfTo "assistant@domain.com"

# Grant calendar access (Editor = can create/modify events)
Add-MailboxFolderPermission -Identity "owner@domain.com:\Calendar" -User "assistant@domain.com" -AccessRights Editor -SharingPermissionFlags Delegate

Or via Outlook Settings: The owner can add the assistant as a delegate in Outlook → File → Account Settings → Delegate Access.

3. Token Flow

The assistant authenticates as itself via OAuth2, then accesses the owner's resources using the /users/{owner@domain.com}/ endpoint.

Usage

Token Management

./scripts/outlook-token.sh refresh   # Refresh expired token
./scripts/outlook-token.sh test      # Test connection to BOTH accounts
./scripts/outlook-token.sh get       # Print access token

Reading Owner's Emails

./scripts/outlook-mail.sh inbox [count]           # Owner's inbox
./scripts/outlook-mail.sh unread [count]          # Owner's unread
./scripts/outlook-mail.sh search "query" [count]  # Search owner's mail
./scripts/outlook-mail.sh from <email> [count]    # Owner's mail from sender
./scripts/outlook-mail.sh read <id>               # Read email content

Managing Owner's Emails

./scripts/outlook-mail.sh mark-read <id>          # Mark as read
./scripts/outlook-mail.sh mark-unread <id>        # Mark as unread
./scripts/outlook-mail.sh flag <id>               # Flag as important
./scripts/outlook-mail.sh delete <id>             # Move to trash
./scripts/outlook-mail.sh archive <id>            # Move to archive
./scripts/outlook-mail.sh move <id> <folder>      # Move to folder

Sending Emails (On Behalf Of Owner)

./scripts/outlook-mail.sh send <to> <subj> <body>  # Send on behalf of owner
./scripts/outlook-mail.sh reply <id> "body"        # Reply on behalf of owner

Note: Emails will show "Assistant on behalf of Owner" in the From field.

Owner's Calendar

./scripts/outlook-calendar.sh events [count]      # Owner's upcoming events
./scripts/outlook-calendar.sh today               # Owner's today
./scripts/outlook-calendar.sh week                # Owner's week
./scripts/outlook-calendar.sh read <id>           # Event details
./scripts/outlook-calendar.sh free <start> <end>  # Owner's availability

Creating Events on Owner's Calendar

./scripts/outlook-calendar.sh create <subj> <start> <end> [location]
./scripts/outlook-calendar.sh quick <subject> [time]

API Endpoint Changes

The key change is replacing /me with /users/{owner_email}:

# Direct access (old)
API="https://graph.microsoft.com/v1.0/me"

# Delegate access (new)
OWNER=$(jq -r '.owner_email' "$CONFIG_FILE")
API="https://graph.microsoft.com/v1.0/users/$OWNER"

Send-on-Behalf Implementation

When sending mail as a delegate, you must specify the from address:

{
  "message": {
    "subject": "Meeting follow-up",
    "from": {
      "emailAddress": {
        "address": "owner@domain.com"
      }
    },
    "toRecipients": [{"emailAddress": {"address": "recipient@example.com"}}],
    "body": {"contentType": "Text", "content": "..."}
  }
}

The recipient sees: "Assistant on behalf of Owner owner@domain.com"

Permissions Summary

ActionRequired PermissionExchange Setting
Read owner's mailMail.ReadWrite.SharedFullAccess or Reviewer
Modify owner's mailMail.ReadWrite.SharedFullAccess or Editor
Send as ownerMail.Send.SharedSendOnBehalf
Read owner's calendarCalendars.ReadWrite.SharedReviewer+
Create events on owner's calendarCalendars.ReadWrite.SharedEditor

Troubleshooting

"Access denied" or "403 Forbidden" → Check that the assistant has MailboxPermission on the owner's mailbox

"The mailbox is not found" → Verify owner_email in config.json is correct

"Insufficient privileges" → App registration missing .Shared permissions (check Azure AD)

Emails send but don't show "on behalf of" → Missing SendOnBehalf permission. Run:

Set-Mailbox -Identity "owner@domain.com" -GrantSendOnBehalfTo "assistant@domain.com"

"Token expired" → Run outlook-token.sh refresh

Security Considerations

  1. Audit Trail: All actions by the assistant are logged in the owner's mailbox audit log
  2. Token Storage: Credentials stored in ~/.outlook-mcp/ - protect this directory
  3. Scope Limitation: The assistant only has access to what the owner explicitly grants
  4. Revocation: The owner can revoke access anytime via Delegate settings

Files

  • ~/.outlook-mcp/config.json - Client ID, secret, and owner/delegate emails
  • ~/.outlook-mcp/credentials.json - OAuth tokens (access + refresh)

Changelog

v1.0.0 (Delegate Edition)

  • Breaking: API calls now use /users/{owner} instead of /me
  • Added: owner_email and delegate_email config fields
  • Added: Send-on-behalf support with proper from field
  • Changed: Permissions to .Shared variants
  • Added: Delegate setup documentation
  • Added: Token test validates access to owner's mailbox
  • Based on outlook v1.3.0 by jotamed (https://clawhub.ai/jotamed/outlook)