Secure Outlook CLI for AI Agents
Microsoft Graph's Mail.ReadWrite permission is all-or-nothing. The Secure Outlook CLI replaces that with fine-grained, scriptable rules that control exactly what AI agents can read, draft, and send.
The Problem
Giving AI agents direct access to your data is risky. Here's what can go wrong.
Mail.ReadWrite Grants Everything
Microsoft Graph's Mail.ReadWrite permission gives agents full access to read, send, move, and delete mail across every folder with no built-in way to scope it down.
Azure AD Policies Are Not Scriptable
Configuring application permissions in Azure AD requires clicking through the portal, with no way to define per-agent rules in a config file or roll them back via git.
Multi-Tenant Token Management
Enterprise teams managing Outlook access across multiple tenants end up with scattered token rotation scripts that create security gaps through inconsistency.
How PortEden Protects You
Six layers of security between AI agents and your data.
Graph API Scoping from the Terminal
Replace the broad Mail.ReadWrite permission with specific rules per agent, such as read-only for one and draft-only for another.
Per-Agent Permission Sets
Each AI agent gets its own permission profile in your config file, so your summarizer gets read access while your reply agent gets draft-only access.
Content Filtering for Graph Responses
Control what data the Graph API returns to agents by stripping HTML, redacting headers, or returning metadata only.
Sender and Domain Blocking
Prevent agents from accessing emails from specific senders, domains, or distribution lists so sensitive communications stay invisible to AI.
Get Started in 3 Steps
Install and Authenticate
Install the PortEden CLI with npm and authenticate with your Microsoft 365 account via OAuth.
Define Access Rules
Create a config file with your access rules including visibility levels, action limits, and sender blocks per agent.
Route Agents Through PortEden
Point your AI agents to the PortEden proxy so every Outlook request is filtered through your rules with full audit logging.
Without vs. With PortEden
Without PortEden
- Mail.ReadWrite grants full mailbox access with no granularity
- Azure AD permission changes require portal access and manual clicks
- Token management scripts vary across teams and tenants
- No per-agent access controls within the same Graph API app registration
With PortEden
- Fine-grained read-only, draft-only, or scoped write access per agent
- Access rules defined in config files and deployed via CI/CD
- Centralized token management with automatic rotation and audit logs
- Each agent gets its own permission profile within a single config