Connecting to Office 365
An authenticated connection to Office 365 is required in order to access emails, or files from Microsofts Services. This guide is a walk-through to establish an OAuth application connection, based up on Microsofts interface in the year 2022.
Prerequisite
The following prerequisites must be fulfilled for a successful connection to Microsoft Office 365 authentication service:
-
The i-net HelpDesk server must be secured with HTTPS
-
The i-net HelpDesk server and browser client must be able to reach https://login.microsoftonline.com/
-
You have to be authorized to create an Azure Entra ID Application at https://portal.azure.com
E-mail retrieval
If an e-mail retrieval or dispatch is initiated with this profile, the following requirements must be met:
-
The server must be able to call the following domains:
-
For MSN connection type:
smtp-mail.outlook.com
,imap-mail.outlook.com
-
For Office365 connection type:
outlook.office365.com
,smtp.office365.com
.
-
Creating the Azure Entra ID Application
You are about to create a new application now. This application will provide the authentication credentials for the OAuth connection we want to add to i-net HelpDesk.
-
Go to https://portal.azure.com and log in
-
Select
Entra ID
from the overview -
Select
App registrations
from the sidebar menu -
Click
New registration
from the menu
In the newly opened page you have to configure your application (see image below):
-
Enter a meaningful name to distinguish the application
-
Select the Supported account types - there is a Help me choose... link describing the differences of the options. Usually the first (Single Tenant) option should suffice
-
Enter the Redirect URL displayed in the configuration dialog of the i-net HelpDesk server, where a new connection is created (see Office365 configuration). Check, that you selected
Web
as the Redirect URL type. -
Click
Register
at the bottom of the dialog
Office365 configuration
In the i-net HelpDesk server configuration, open the Office365 configuration dialog as seen in the image below. There you have to fill in the missing information.
Note: If you selected Single Tenant in the account type configuration, you have to enter the tenants id in the respective field of the configuration. Otherwise it must be left empty.
Obtaining the Client and Tennant ID
The Client and Tennant IDs are displayed in the overview, directly after creating the application. They are displayed as Application (client) ID
and Directory (tennant) ID
in the Essentials section of the application, directly below the applications name. Paste the Client and the Tennant IDs into the OAuth Connection dialog.
Obtaining the Client Secret
The Client Secret has to be created separately. You can use the link Add a certificate or secret
in the essentials section to navigate there.
-
Navigate to the Certificates & secrets section of the application
-
Click
New client secret
in the Client secrets tab -
Enter a Description and set the Expiration time in the sidepanel
-
Click
Add
You must now copy the new entry from the Value
column from the table and paste it into the OAuth Connection dialog.
Note: The Secret ID is considered a password, so please keep it in a safe place.