Why Route Microsoft 365 Emails to a Webhook?
Microsoft 365 (formerly Office 365) is Microsoft's enterprise cloud productivity platform, including Outlook email used by millions of organisations globally. While Microsoft 365 is a capable email platform, its native tooling for programmatic automation was not built for developers who need structured, reliable data delivery to backend systems.
The native approach — Microsoft Graph API (change notifications) — introduces significant operational overhead. You need to manage credentials, poll or maintain persistent connections, and write custom parsing logic for every message field you care about. When your team is moving fast, that friction adds up to hours of maintenance per integration.
JsonHook eliminates that overhead by accepting inbound mail on your behalf and immediately firing a structured JSON payload to any HTTPS endpoint you specify. The email is parsed, attachments are base64-encoded, and headers are normalised — so your webhook handler can focus entirely on business logic rather than MIME parsing.
Below are the core benefits of routing your Microsoft 365 messages through JsonHook instead of relying on the native alternative:
- Limitation avoided: The Microsoft Graph API requires Azure AD app registration, multi-step OAuth consent, and ongoing token refresh — significant setup for a simple inbound email integration.
- Limitation avoided: Graph API change notifications deliver only a notification reference, not message content; a second Graph API call is required to fetch the full message, doubling latency.
- Limitation avoided: Microsoft 365 tenant admins often disable external email forwarding by default for security compliance, requiring explicit policy exceptions before individual users can forward to external addresses.
- Zero-polling architecture: JsonHook pushes to your endpoint the moment mail arrives — no long-running background jobs needed.
- Automatic attachment handling: PDFs, images, and other file types are extracted, base64-encoded, and included in the JSON payload with their original MIME type.
- Retry with exponential back-off: If your endpoint is temporarily unavailable, JsonHook retries automatically — something the Microsoft Graph API (change notifications) does not do natively.
- Webhook signatures for security: Every delivery includes an HMAC-SHA256 signature header so you can verify the payload originated from JsonHook.
Whether you are building a support-ticket ingestion pipeline, a lead-capture workflow, or an automated document processor, JsonHook gives you a consistent, typed interface to Microsoft 365 messages without the fragility of raw SMTP or polling-based API integrations.
How to Forward Microsoft 365 to JsonHook
Getting Microsoft 365 emails delivered to your webhook takes about five minutes. The process has two parts: creating a JsonHook address via the API, and configuring Microsoft 365 to forward a copy of each incoming message to that address.
- Log in to the Microsoft 365 Admin Center and navigate to Exchange Admin Center › Mail flow › Rules.
- Click + Add a rule › Create a new rule. Give the rule a name (e.g. 'Forward to JsonHook') and set the condition to match the messages you want to forward.
- Under Do the following, choose Forward the message to and enter your JsonHook inbound address.
- For individual mailboxes, users can also configure forwarding in Outlook on the web under Settings › Mail › Forwarding — note that admins may need to allow external forwarding in the Microsoft 365 Anti-spam outbound policy.
Once forwarding is active, every email that arrives in your Microsoft 365 inbox (or matches your filter) will be relayed to your JsonHook address, parsed, and delivered to your endpoint as a JSON payload within seconds.
You can create your JsonHook inbound address with a single curl command. Replace YOUR_API_KEY with the key from your dashboard and set webhookUrl to your endpoint:
curl -X POST https://jsonhook.com/api/addresses \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"label": "Microsoft 365 inbound",
"webhookUrl": "https://your-app.example.com/webhooks/email",
"secret": "a-random-signing-secret"
}'The response includes your unique @in.jsonhook.com address. Copy that address and paste it into the forwarding field in your Microsoft 365 settings. That is all the infrastructure you need to stand up.
Start Receiving Microsoft 365 Webhooks in 5 Minutes
Free tier: 100 emails/month, 1 address. No credit card required.
Get Free API KeyMicrosoft 365 vs Microsoft Graph API (change notifications)
When developers first explore email-to-webhook automation they typically discover Microsoft Graph API (change notifications) — the official programmatic route provided by Microsoft. The table below shows how it compares to using JsonHook as an intermediary.
| Feature | Microsoft 365 Native (Microsoft Graph API (change notifications)) | JsonHook |
|---|---|---|
| Structured JSON payload | ✗ | ✓ |
| Attachment parsing | ✗ | ✓ |
| Retry logic | ✗ | ✓ |
| Webhook signatures | ✗ | ✓ |
| Setup time | Hours to days | Under 5 minutes |
The native approach through Microsoft Graph API (change notifications) requires you to set up OAuth credentials or API keys, maintain a long-running listener or polling job, write your own MIME parser, and implement your own retry queue. Any one of those steps can become a reliability bottleneck in production.
JsonHook handles all of that infrastructure on your behalf. You get a single HTTPS webhook call with a predictable JSON schema every time a Microsoft 365 email arrives — no polling, no credential rotation, no MIME parsing, and no bespoke retry code to maintain.
JSON Payload Example
When a Microsoft 365 email is forwarded to your JsonHook address and delivered to your endpoint, the request body looks like the following. All fields are consistently present; optional fields such as htmlBody and attachments are included when the source message contains them.
{
"id": "msg_01j8xkr4p2vn3q7w",
"receivedAt": "2026-03-15T14:32:07.412Z",
"from": {
"name": "Alice Smith",
"address": "[email protected]"
},
"to": [
{
"name": "",
"address": "[email protected]"
}
],
"subject": "Your Microsoft 365 message subject here",
"textBody": "Plain-text content of the email body.",
"htmlBody": "<div>HTML version of the email body.</div>",
"headers": {
"message-id": "<[email protected]>",
"x-mailer": "Microsoft",
"mime-version": "1.0"
},
"attachments": [
{
"filename": "document.pdf",
"contentType": "application/pdf",
"size": 84234,
"content": "JVBERi0xLjQK..."
}
],
"spf": "pass",
"dkim": "pass"
}The id field is a unique, stable identifier you can use for idempotent processing. The spf and dkim fields reflect the authentication results JsonHook observed when receiving the message, which you can use to enforce additional trust policies in your handler.
Attachment content is standard base64. Decode it with a single call in any language — Buffer.from(att.content, 'base64') in Node.js, base64.b64decode(att.content) in Python, and so on.
C# handler for Microsoft 365 emails forwarded through JsonHook:
using System.Security.Cryptography;
using System.Text;
using Microsoft.AspNetCore.Mvc;
[ApiController]
[Route("webhooks")]
public class EmailController : ControllerBase
{
[HttpPost("office365")]
public IActionResult Handle([FromBody] JsonElement body)
{
var sig = Request.Headers["X-JsonHook-Signature"].FirstOrDefault() ?? "";
var raw = body.GetRawText();
var secret = Environment.GetEnvironmentVariable("JSONHOOK_SECRET")!;
using var mac = new HMACSHA256(Encoding.UTF8.GetBytes(secret));
var expected = Convert.ToHexString(
mac.ComputeHash(Encoding.UTF8.GetBytes(raw))
).ToLower();
if (sig != expected) return Unauthorized();
var from = body.GetProperty("from").GetProperty("address").GetString();
var subject = body.GetProperty("subject").GetString();
Console.WriteLine($"M365: {from} → {subject}");
return Ok();
}
}Common Microsoft 365 to Webhook Use Cases
Microsoft 365 (formerly Office 365) is the enterprise email and productivity platform used by millions of organisations worldwide. While the Microsoft Graph API offers programmatic email access, the setup complexity — OAuth app registration, permission scopes, token management — is substantial. JsonHook provides a simpler automation path through the built-in Outlook forwarding rules included with every Microsoft 365 subscription.
- IT service desk automation: Enterprise IT teams that receive helpdesk requests at a shared Microsoft 365 mailbox can forward those emails to a webhook that creates tickets in ServiceNow, Jira Service Management, or a custom ITSM system.
- HR and payroll notification processing: HR systems that send pay-slip notifications, benefit updates, and policy change alerts via Microsoft 365 email can route those to a webhook for automatic employee notification and record-keeping.
- Compliance and audit logging: Legal and compliance teams can forward emails from regulated channels to a webhook that writes each message to an immutable audit log with timestamp and metadata — satisfying retention and discovery requirements.
- Cross-platform calendar and task sync: When scheduling tools send meeting invites or task assignments via Microsoft 365 email, a webhook can parse those messages and push events to external calendars, project tools, or Slack without Microsoft 365 API credentials.