×
Created with ZedIndex

App registration in Microsoft Azure with OAuth

Last updated: July 10, 2023

This is an instruction for app registration in Microsoft Azure with OAuth and OpenID. The purpose of the registration is authentication MA!N for sending e-mails on behalf of your organization.

  • Go to the Microsoft Azure Portal and sign in to a Tenant with the rights to set up an App registration. If in doubt, please check with your IT administrator. Each organization with a Microsoft account also has an Azure account.
  • Search for App registrations and choose it from the results.
  • On the App registrations page, select New registration.
  • On the New app registration page, go to:
    • Name: give it a description, e.g., the name of the app for which you register.
    • Redirect URI: select Web and give it the value https://www.ce-it.com.
  • Choose Register.

You are now redirected and on this page you need to collect the following items and send them to CE-iT:

  • Overview (Essentials):
    • Application (client) ID
    • Object ID
    • Directory (tenant) ID
  • Select Endpoints (right above Essentials):
    • Oauth 2.0 authorization endpoint (v2)
    • Oauth 2.0 token endpoint (v2)

Close the Endpoints section and select Certificates and secrets from the sidebar on the left.

  • Select Client secrets
  • Select New client secret
  • Give the secret a description and select an expiration period. For MA!N, we recommend 24 months.
  • Select the button Add.

Sent the following items to CE-iT (both items are only shown once|):

  • Value
  • Secret ID

In the sidebar on the left, select API permissions:

  • Select Add a permission.
  • A new section opens. Go to APIs my organization uses and select Office 365 Exchange Online.
  • Select Application permissions (on the right).
  • Select the checkbox at full_access_as_app
  • Select the button Add permission
An instruction for app registration in Microsoft Azure with OAuth for authenticating MA!N for sending e-mails.

The app-registration is now completed. Please send us the following information:

  • Application (client) ID
  • Object ID
  • Directory (tenant) ID
  • Oauth 2.0 authorization endpoint (v2)
  • Oauth 2.0 token endpoint (v2)

With this information, CE-iT generates the consent-URL and can proceed with the further integration.

Note!
For finishing the integration and MA!N to be able to send e-mails on behalf of your organization, impersonation for the email address(es) is required.