It appears just from wading in this garbage for 5 minutes to me that you establish an oauth2 token via ADSF, then use that to connect to EWS. I assume you need to have exchange configured against ADFS already.

• https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/authentication-and-ews-in-exchange
• https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/development/ad-fs-openid-connect-oauth-concepts
• https://aws.amazon.com/blogs/mobile/building-adfs-federation-for-your-web-app-using-amazon-cognito-user-pools/

So it looks to me like a combination of various things that Perl supports via CPAN:

• Oauth2 (a valid token provided by ADFS being ultimately what allows you to access exchange)
• XML
• SAML
• Active Directory/LDAP

Good luck, idk how you put up with this unnecessary and never ending complication of permutations.

don't know how you can work in this space and not walk away with brain damage.

Who said I didn't?

Anyways; Yes. Something like that.
But some bits are controlled by corporate, in another country (and another language, probably)

I was hoping Email::Folder::Exchange::EWS would shortcut all the other alphabet-soup stuff, but it just gets 401 :'(
I'll check those links.
Thanks.

>Who said I didn't?

You're here, so that's ++ towards your sanity xD

What you're missing now is the Authentication step. Once you clear security, that package should eliminate most of the soup.