An authenticated connection to Office 365 is required in order to access emails, or files from Microsofts Services. This guide is a walk-through to establish an OAuth application connection, based up on Microsofts interface in the year 2022.

The following prerequisites must be fulfilled for a successful connection to Microsoft Office 365 authentication service:

• The i-net HelpDesk server must be secured with HTTPS
• The i-net HelpDesk server and browser client must be able to reach ​https://login.microsoftonline.com/
• You have to be authorized to create an Azure Entra ID Application at https://portal.azure.com

If an e-mail retrieval or dispatch is initiated with this profile, the following requirements must be met:

• The server must be able to call the following domains:
  • For MSN connection type: smtp-mail.outlook.com, imap-mail.outlook.com
  • For Office365 connection type: outlook.office365.com, smtp.office365.com.

You are about to create a new application now. This application will provide the authentication credentials for the OAuth connection we want to add to i-net HelpDesk.

• Go to https://portal.azure.com and log in
• Select Entra ID from the overview
• Select App registrations from the sidebar menu
• Click New registration from the menu

In the newly opened page you have to configure your application (see image below):

• Enter a meaningful name to distinguish the application
• Select the Supported account types - there is a Help me choose... link describing the differences of the options. Usually the first (Single Tenant) option should suffice
• Enter the Redirect URL displayed in the configuration dialog of the i-net HelpDesk server, where a new connection is created (see Office365 configuration). Check, that you selected Web as the Redirect URL type.
• Click Register at the bottom of the dialog

In the i-net HelpDesk server configuration, open the Office365 configuration dialog as seen in the image below. There you have to fill in the missing information.

Note: If you selected Single Tenant in the account type configuration, you have to enter the tenants id in the respective field of the configuration. Otherwise it must be left empty.

The Client and Tennant IDs are displayed in the overview, directly after creating the application. They are displayed as Application (client) ID and Directory (tennant) ID in the Essentials section of the application, directly below the applications name. Paste the Client and the Tennant IDs into the OAuth Connection dialog.

The Client Secret has to be created separately. You can use the link Add a certificate or secret in the essentials section to navigate there.

• Navigate to the Certificates & secrets section of the application
• Click New client secret in the Client secrets tab
• Enter a Description and set the Expiration time in the sidepanel
• Click Add

You must now copy the new entry from the Value column from the table and paste it into the OAuth Connection dialog.

Note: The Secret ID is considered a password, so please keep it in a safe place.