Registering BOLD Email Integration as an App in Microsoft 365 enables BOLD to authenticate to your Microsoft 365 tenant on behalf of BOLD users using their user account. By default, a newly registered App won't have any Permissions, so you'll also need to assign appropriate roles to the application to enable BOLD Email Integration to sync Microsoft 365 mailboxes and send emails.
CHAPTERS
Admin Setup
Register the App
Create Client Secret
Copy the Application ID
Add API Permissions
Setup to Configure Web Application Authentication
Create User Groups
Add a new Group to the Application
References
Outlook Service Limits
Admin Setup
Register the App
- Log into the Office 365 portal
- Click on Azure Active Directory
- Click on Overview
- Click on the Add button
- Click on App registration
- Enter a name for the application, in the Name field
- Suggested to use: Bold_Email_Integration
Note: We recommend not to include any spaces and use underscores instead.
- Suggested to use: Bold_Email_Integration
- Select the Accounts in any organizational directory (Any Azure AD directory - Multitenant) option
- Click on the Register button
A prompt will appear in the upper right corner, showing it was successful.
Create Client Secret
- Click on the Certificates & secrets section
- Copy the Application (client) ID since it will be used in a later step.
Adding the Application (client) ID
- Copy the Application (client) ID since it will be used in a later step.
- Click on the Client secrets section
- Click on the New client secret button
Note: After creation be sure to save the client secret as it will only be available for a short time.
This and the application (ClientId) will need to be configured in Utilities in a later step
- Enter a name in the Description field
- Select the expiration from the Expires drop down field.
- We recommend selecting 24 months.
- We recommend selecting 24 months.
- Click on the Add button
A prompt will appear in the upper right corner, showing it was successful.
- The Secret Value field will only be displayed on this screen. Once you navigate to another area, the Secret Value will never be displayed again.
- Hover the mouse to the new Paper image icon
- Click on the Copy to clipboard link
- Paste the value of the Secret Value, in a location to be used for later set up.
Note: The Secret Value must be copied here since it will not be displayed again.
Example of Secret Value no longer being displayed.
Copy the Application ID
Copy the Application (client) ID and Client credentials to add into AviontéBOLD.
- Click on Overview
- Hover over the Application (client) ID field.
A Paper image icon will show
- Hover the mouse to the new Paper image icon
- Click on the Copy to clipboard link
- Paste the value of the Application ID, in a location to be used for later set up.
Inputting the Application ID and Client secret
Add API Permissions
- Click on the API Permissions section
- Click on the Add a Permission button
- Click on the Microsoft Graph tile
- Click on the Delegated Permissions tile
- Select the following options from the Sections:
- Add the following Permissions, by clicking the checkboxes:
Details for API/Permissions
Located in Section API / Permission Name Type Description Admin Consent required OpenId Permissions openid Delegated Sign in and read user profile
No Mail Mail.Read Delegated Read user mail No Mail Mail.Send Delegated Sign users in No User User.Read Delegated Send mail as a user No - Click on the Add Permissions button
- A prompt will appear in the upper right corner, showing it was successful.
- Ensure that all the APIs/Permissions are listed:
Details of the APIs/Permissions
- Click on the Grant admin consent for xtmxt button
Note: Replace "xtmxt" with "Your Tenant Name"- This option may be grayed out (unavailable), without the proper Permissions.
Microsoft on Azure AD roles
A prompt will appear in the upper right corner, showing it was successful.
- This option may be grayed out (unavailable), without the proper Permissions.
- Notice the status is updated to Granted for xtmxt
Note: "xtmxt" is just an example name and will be different than yours.
Setup to Configure Web Application Authentication
- Click on the Authentication section
- Click on the Add a platform button
- Click on the Web tile
- Enter the following link into the Redirect URIs field
- Replace clientname with your company's subdomain
- Click on the Configure button
A prompt will appear in the upper right corner, showing it was successful.
Create User Groups
Create a user group that has access to this new application and assign users that are allowed BOLD Email Integration.
- Ensure you are on the Groups Section.
- Click on Azure Active Directory
- Click on the Groups section
- Click on the New group button
- Enter information for the following fields:
- Group Type: Select the Security option
-
Group name: BOLD_Email_Integration
-
Note: We recommend not to include any spaces and use underscores instead.
-
- Group description: Enter a brief description of the Group
- Azure AD roles can be assigned to the group: Toggle the switch to No
- Membership type: Select the Assigned option
-
Owners: No changes are needed
-
Members: Click on the No members selected link
- Select all the members/users
- Select all the members/users
- Click on the Create button
Add a new Group to the Application
Select Enterprise Apps and BOLD Email Integration to add this group to the new Application
- Click on Enterprise applications
- Click on All applications
- Click on the link for your Application, in the Name field.
Verify that the Name is BOLD Email Integration (or the name used when initially creating). This is the name that was created for registering the App.
Section on registering the App
- Click on the Assign users and groups link
- Click on Add user/group
Note: : This list may initially be blank
- Click on the None Selected link
- Click on the User Group that was created in a previous step.
Note: Depending on the Azure Active Directory Plan, User Groups may not be available to select.Section on creating a user group
This is the name that was created for the user group.
- If the Azure Active Directory Plan is a Free Tier, then the ability to select User Groups is not allowed.
- Instead, please select all the Users
- Instead, please select all the Users
- If the Azure Active Directory Plan is a Free Tier, then the ability to select User Groups is not allowed.
- Click on the Select button
- Click on the Assign button
References
Outlook Service Limits
From the Microsoft article, Microsoft Graph service-specific throttling limits:
"Outlook service limits are evaluated for each App ID and mailbox combination. In other words, the limits described apply to a specific App accessing a specific mailbox (user or group). If an application exceeds the limit in one mailbox, it does not affect the ability to access another mailbox. The following limits apply to the public cloud as well as national cloud deployments."
Limit | Applies To |
10,000 API requests in a 10-minute period | v1.0 and beta endpoints |
4 concurrent requests | v1.0 and beta endpoints |
15 megabytes (MB) upload (PATCH, POST, PUT) in a 30-second period | v1.0 and beta endpoints |
3rd party link Disclaimer: These links are being provided as a convenience and for informational purposes only; they do not constitute an endorsement or an approval by [The author] of any of the products, services or opinions of the corporation or organization or individual. [The author] bears no responsibility for the accuracy, legality or content of the external site or for that of subsequent links. Contact the external site for answers to questions regarding its content.
Click on the links below for more information:
- Microsoft Outlook365 (Modern Auth) Summary
- Manually deactivate Custom SMTP & Email Auto-sync
- Activate the Outlook365 Tile (Marketplace)
- Initial setup for User using Office 365 (Modern Auth)
- Install Microsoft Authenticator App
- Custom SMTP setup
- Auto Sync Email setup
Comments
0 commentsPlease sign in to leave a comment.