npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@tlouverse/graph-mailer

v0.3.1

Published

Send emails via Microsoft Graph API — thin wrapper around the Graph SDK for client-credentials flows.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

cptn-tlouvetcptn-tlouvet

Keywords

microsoft-graphemailmailergraph-apioffice365azure-ad

Readme

@tlouverse/graph-mailer

npm version license

English · Français

English

Send emails through the Microsoft Graph API using app-only (client credentials) authentication.

Installation

npm install @tlouverse/graph-mailer

Quick start

import { GraphMailer } from '@tlouverse/graph-mailer';

const mailer = new GraphMailer({
  tenantId: 'your-tenant-id',
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
  defaultFrom: '[email protected]',
});

await mailer.send({
  to: ['[email protected]', { email: '[email protected]', name: 'Bob' }],
  cc: '[email protected]',
  subject: 'Hello',
  html: '<p>Hi there!</p>',
});

Reuse the same GraphMailer instance across your application — it handles token caching and renewal automatically.

API

new GraphMailer(config)

| Option | Type | Required | Description | |---|---|---|---| | tenantId | string | ✓ | Azure AD / Entra ID tenant GUID | | clientId | string | ✓ | App registration client ID | | clientSecret | string | ✓ | App registration client secret | | defaultFrom | string | — | Fallback sender address |

mailer.send(options)Promise<void>

| Option | Type | Required | Description | |---|---|---|---| | to | Address \| Address[] | ✓ | Primary recipient(s) | | subject | string | ✓ | Subject line | | html | string | ✓* | HTML body | | text | string | ✓* | Plain-text body | | from | string | — | Sender (overrides defaultFrom) | | cc | Address \| Address[] | — | CC recipient(s) | | bcc | Address \| Address[] | — | BCC recipient(s) | | replyTo | Address \| Address[] | — | Reply-to address(es) | | saveToSentItems | boolean | — | Default: false | | attachments | Attachment[] | — | Files to attach (max 4 MB each) |

*At least one of html or text is required. html takes priority when both are provided.

Address

type Address = string | { email: string; name?: string };

Attachment

interface Attachment {
  name: string;        // filename as it appears in the email
  contentType: string; // MIME type, e.g. 'application/pdf'
  content: Buffer | string; // file content as a Buffer or base64 string
}

Errors

| Class | Thrown when | |---|---| | GraphMailError | Missing sender, missing body, or Graph API error | | GraphAuthError | Token acquisition failed (bad credentials, network issue) |

Both extend Error and expose a details property with the HTTP status and error context for debugging.

Azure prerequisites

  1. App registration — Create an app in Entra ID.

  2. API permission — Add the Mail.Send Microsoft Graph permission as an Application permission (not Delegated), then grant admin consent.

  3. Application Access Policy — Without this, your app can send from any mailbox in the tenant. Restrict it with Exchange Online PowerShell:

    New-ApplicationAccessPolicy `
  -AppId <clientId> `
  -PolicyScopeGroupId <mailEnabledGroupOrMailbox> `
  -AccessRight RestrictAccess `
  -Description "Restrict app to authorised mailboxes"

    ⚠️ This step is critical. Skip it and the app has unrestricted send-as access across your entire tenant.

Français

Envoi d'emails via l'API Microsoft Graph avec une authentification applicative (client credentials).

Installation

npm install @tlouverse/graph-mailer

Démarrage rapide

import { GraphMailer } from '@tlouverse/graph-mailer';

const mailer = new GraphMailer({
  tenantId: 'votre-tenant-id',
  clientId: 'votre-client-id',
  clientSecret: 'votre-client-secret',
  defaultFrom: '[email protected]',
});

await mailer.send({
  to: ['[email protected]', { email: '[email protected]', name: 'Bob' }],
  cc: '[email protected]',
  subject: 'Bonjour',
  html: '<p>Bonjour à tous !</p>',
});

Réutilisez la même instance GraphMailer dans toute votre application — elle gère le cache et le renouvellement du token automatiquement.

API

new GraphMailer(config)

| Option | Type | Requis | Description | |---|---|---|---| | tenantId | string | ✓ | GUID du tenant Azure AD / Entra ID | | clientId | string | ✓ | Client ID de l'inscription d'application | | clientSecret | string | ✓ | Secret client de l'inscription d'application | | defaultFrom | string | — | Adresse expéditeur par défaut |

mailer.send(options)Promise<void>

| Option | Type | Requis | Description | |---|---|---|---| | to | Address \| Address[] | ✓ | Destinataire(s) principal(aux) | | subject | string | ✓ | Objet du message | | html | string | ✓* | Corps HTML | | text | string | ✓* | Corps en texte brut | | from | string | — | Expéditeur (remplace defaultFrom) | | cc | Address \| Address[] | — | Destinataire(s) en copie | | bcc | Address \| Address[] | — | Destinataire(s) en copie cachée | | replyTo | Address \| Address[] | — | Adresse(s) de réponse | | saveToSentItems | boolean | — | Défaut : false | | attachments | Attachment[] | — | Fichiers joints (4 Mo max chacun) |

*Au moins html ou text est requis. html est prioritaire si les deux sont fournis.

Address

type Address = string | { email: string; name?: string };

Attachment

interface Attachment {
  name: string;        // nom du fichier tel qu'il apparaît dans l'email
  contentType: string; // type MIME, ex. 'application/pdf'
  content: Buffer | string; // contenu en Buffer ou en chaîne base64
}

Erreurs

| Classe | Levée quand | |---|---| | GraphMailError | Expéditeur manquant, corps manquant, ou erreur de l'API Graph | | GraphAuthError | Échec d'acquisition du token (mauvaises credentials, problème réseau) |

Les deux étendent Error et exposent une propriété details contenant le status HTTP et le contexte de l'erreur pour faciliter le débogage.

Prérequis Azure

  1. Inscription d'application — Créer une application dans Entra ID.

  2. Permission API — Ajouter la permission Mail.Send de Microsoft Graph en tant que permission Application (et non Déléguée), puis accorder le consentement administrateur.

  3. Application Access Policy — Sans cette étape, l'application peut envoyer depuis n'importe quelle boîte aux lettres du tenant. Restreindre via Exchange Online PowerShell :

    New-ApplicationAccessPolicy `
  -AppId <clientId> `
  -PolicyScopeGroupId <groupeOuBoiteAutorisé> `
  -AccessRight RestrictAccess `
  -Description "Restreindre l'application aux boîtes autorisées"

    ⚠️ Cette étape est critique. Sans elle, l'application dispose d'un accès en envoi illimité à l'ensemble des boîtes du tenant.

License

MIT