Français

Articles in this section

Driver Exchange: Using Microsoft/Office 365

  • Updated
Follow

Microsoft/Office 365 servers have been extended to support authorization via the industry-standard OAuth 2.0 protocol. Using OAUTH protocol, user can do authentication by Microsoft Web OAuth instead of inputting user and password directly in application. This way is more secure, but a little bit complex.

 

Create your application in Azure Portal

To use Microsoft/Office365 in Alert, you must create an application in

https://portal.azure.com.

  • Sign in to the Azure portal using either a work account or a personal Microsoft account.
  • If your account gives you access to more than one tenant, select your account in the top right corner, and set your portal session to the Azure AD tenant that you want.

  • In the left-hand navigation panel, select the Azure Active Directory service, and then select App registrations > New registration.

     

    mceclip16.png

     

  • Enter a application name (ex: "ALERT_VA") and select tenant corresponding to your requirement (here accounts in this organisation directory only[...] single tenant): mceclip1.png

For point 4 put this adress: https://login.microsoftonline.com/common/oauth2/nativeclient

 

EWS API permission

Now we need to add permission to the application:

Click API Permission -> Add a permission:

mceclip5.png

Select APIs in my organization uses -> Office 365 Exchange Online -> Application Permission -> Check full_access_as_app :

mceclip6.png

mceclip2.png

Here is permissions list:

mceclip0.png

 

panneau_attention_MMI.png If it turns out that you have the mention "not granted for XXXX" (2) you will have to ask the office 365 administrator to click on "Grant admin consent...." (1) by giving him the name you gave during 'application registration (ALERT_VA for this example) panneau_attention_MMI.png

mceclip4.png

Client Id and client secrets

Now we need to create a client secret for the application, click Certificates and secrets -> client secrets and add a new client secret.

mceclip10.png

Enter a client secret description and a expiration time:

mceclip15.png

panneau_attention_MMI.png As the due date of the client secret code is a maximum of 2 years, it is strongly recommended to put a reminder on an agenda to generate a new code before it expires. panneau_attention_MMI.png

 

mceclip18.png

panneau_attention_MMI.png Once the secret client Value has been generated, you will have to keep it yourself in a safe place. This is indeed the only time it is accessible through this interface. panneau_attention_MMI.png

 

Client id and tenant

Now you can click Overview to find your client id and tenant id. This 2 informations will be used in the configuration of Exchange driver in ALERT.

mceclip17.png

If your application is single tenant, use the tenant value in tokenUri and authUri instead of "common". If your application is multitenant, use "common" as tenant.

Above client_id and secret support both "Office365" and "Live (hotmail, outlook personal account)".

 

Configuration in ALERT

In the Exchange driver configuration you must select "Office 365" in Exchange version (1) specify only your email address (2) (the password box is grey, it's normal) and click on "..." (3) to configure specific parameters for the connection:

mceclip5.png

In the new window, enter parameters which have been created earlier:

  • Directory (tenant) ID (1) *
  • Application (client) ID (2)*
  • Client Secret password (Value) (3)

mceclip1.png

* You can find this IDs here: 

https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps

 

Now the configuration of Exchange Driver is finish, and you can send/receive emails.

Related articles