Restrict Domain-Wide Authorization to a Microsoft 365 Security Group
In Exchange admin console, create a mail-enabled security group that includes the users that you want to allow CalendarBridge to access.\
Run powershell as administrator
Run these commands:
Install-Module -Name ExchangeOnlineManagement
Import-ModuleExchangeOnlineManagement
If you get and error that running scripts is disabled, you will need to run Set-ExecutionPolicy RemoteSigned
Once done, you can set it back with Set-ExecutionPolicy Restricted
Connect-ExchangeOnline -UserPrincipalName <email address of Exchange Online admin>
New-ApplicationAccessPolicy -AppId a0dc78e0-066a-4aeb-b1e6-0f3efa277ed3 -PolicyScopeGroupId <name of mail-enabled security group> -AccessRight RestrictAccess -Description “Restrict CalendarBridge to only members of <name of mail-enabled security group>.”
Test-ApplicationAccessPolicy -Identity <email address of user in group> -AppId a0dc78e0-066a-4aeb-b1e6-0f3efa277ed3
this should return “granted”
Test-ApplicationAccessPolicy -Identity <email address of user NOT in group> -AppId a0dc78e0-066a-4aeb-b1e6-0f3efa277ed3