Skip to main content

Cyware Orchestrate

Register Applications and Assign Permissions for EWS Exchange and Office 365 apps

You must create the Microsoft EWS Exchange or Office 365 app, register the apps, and assign the Microsft Graph and API permissions to the apps in the Microsoft Azure AD portal to successfully configure the app instance and perform the supported actions of the app in Orchestrate.

Before you Start

  • Ensure that you have the administrative privileges to create an application and assign the required permissions in the Microsoft Azure AD portal.

  • Ensure that you can use the EWS Exchange app to access Microsoft mail. For more information, see Configure User Email Settings

Steps

To register applications in the Microsoft Azure AD portal and assign the required permissions, perform the following steps:

Create an Application

You must create an application to register the app in the Microsoft Azure AD portal and assign the permissions.

To create an application, do the following:

  1. Sign in to the Microsoft Azure AD admin center.

  2. Go to the Menu > Azure Active Directory.

  3. Select Enterprise Applications.

  4. Click New Application > Create your own application.

  5. In what's the name of your app field, enter Office 365 or EWS Exchange and select Integrate any other application you don't find in the gallery (Non-gallery).

  6. Click Create to create the application.

Register Application with Microsoft Azure Active Directory

You must register the Microsoft EWS Exchange or Office 365 application to retrieve the values of configuration parameters required while creating the app instances.

To register the application with Microsoft Azure AD, do the following:

  1. Open a web browser and navigate to the Azure Active Directory Admin Center and sign in using a Microsoft account.

    SS_1.png
  2. Select Azure Active Directory in the left-hand navigation, and select App Registrations under Manage.

  3. Click New Registration and enter the following details. For more information about the registration fields, see Register an Application.

    SS2.png
    • Set the Name for your app. For example, EWS exchange or Office 365

    • Set Supported Account Types.

    • For Redirect URI, change the dropdown to Public client (mobile & desktop).

  4. Click Register. On the next page, copy the values of the Application (Client) ID and Directory (Tenant) ID and save them, you will need to provide them as configuration parameters while creating the app instance in the Orchestrate platform.

    ss_3.png
  5. Under Manage, go to Certificates and Secrets.

  6. Go to the Client Secrets tab and click New Client Secret.

  7. Enter the Description for the client secret and select an expiration date (Expires).

    A client secret is generated. Copy the Value of the client secret and store it safely as you cannot access it later.

    SS4.png

Assign Permissions for the Application

You must assign the required permissions to the registered Microsoft EWS Exchange app or Office 365 app to successfully perform the supported app actions.

To assign permissions for the Microsoft EWS Exchange or Office 365 application, do the following:

  1. Open a web browser and navigate to the Azure Active Directory Admin Center and sign in using a Microsoft account.

  2. Go to Enterprise Applications and select the required app to assign permissions.

  3. Go to Add a Permission > Microsoft Graph.

  4. Go to Application Permissions and click Select Permissions.

  5. Enable the following permissions:

    • Mail_Read

    • Mail_ReadBasic

    • Mail_ReadBasic_All

    • Mail_ReadWrite

  6. Go to Add a Permission > APIs my organization uses.

  7. Enter Office 365 Exchange Online and go to Application Permissions. Enable the full_access_as_app permission and click Add Permissions.

    API_Permissions.png
  8. Select Grant Consent for organization for all the assigned permissions and accept the confirmation.

    You have the required permissions to create an EWS Exchange or Office 365 app instance in Orchestrate and perform the supported actions.

Configure User Email Settings

Your administrator must configure your email settings in the Azure Admin Center to allow you to use the EWS Exchange app to access Microsoft mail.

To configure the email setting for the users, do the following:

  1. Sign in to the Microsoft Azure AD admin center.

  2. Go to Users > Active Users.

  3. Select the users to configure their email settings and click Mail.

  4. Under Email Apps, click Manage email apps.

  5. Select Exchange web services and click Save.

    The selected users can use the EWS Exchange app to access Microsoft mail.