You can access an Outlook 365 mailbox (using OAuth 2.0) from an Email Endpoint. Endpoint configuration relies on the OAuth 2.0 client credentials flow for IMAP and POP3, which, in turn, requires an application to be configured within your Microsoft Azure tenant/directory. In addition, Email Endpoint configuration requires information you must collect as you configure your Azure application.
Note: OAuth 2.0 client credentials for SMTP is currently not supported. Click here for more information.
Setting up your Azure application
The steps necessary to set up your Azure application are provided in Authenticate an IMAP, POP or SMTP connection using OAuth. Note that not all the procedures outlined are required for the purposes of Endpoint configuration. Only the following are required:
- Create/Register an Azure application - during this step, you must gather the information required for the Email Endpoint. See Gathering required Endpoint information.
- Use client credentials grant flow to authenticate IMAP and POP connections
- Get tenant admin consent
- Register service principals in Exchange
Required Endpoint information
When you set up an Email Endpoint for Outlook 365 with OAuth 2.0, you must provide CIC with the following information, which is provided to you when you register your Azure application:
- Azure Tenant ID
- Application ID
- Application Secret - Note: This piece of data is only available as you go through the Azure application registration process and is never displayed again. Be sure to capture this data when it is displayed during registration.
Troubleshooting your configuration
Errors with the information required to create the Email Endpoint are manifested as Job errors visible in the CIC Cockpit on the Jobs page. See Working with Jobs.
Note: These Job error messages are the initial indication of issues with your Email Endpoint, Outlook 365, and OAuth 2.0 configuration.
This table describes error messages and possible underlying causes:
Job error | Description |
---|---|
Tenant '<tenantid>' not found | There is a problem with your Azure Tenant ID. Make sure the value you entered in your Endpoint configuration matches your Azure tenant ID. |
Application with identifier '<applicationId>' was not found in the directory <directoryName> | There is a problem with your Azure Application ID. Make sure the value you entered in your Endpoint configuration matches your Azure Application ID. |
Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<applicationId>' | This is a problem with the Azure client secret you entered in your Endpoint configuration. Make sure you have used the client secret value as opposed to the client secret ID. |
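
The following pre-check is an added example, not CIC or Microsoft code: it validates the three Endpoint values before you enter them, builds the client credentials token request for the Microsoft identity platform, and maps the Job errors in the table to the field to recheck. The function names are hypothetical, and it assumes the Tenant ID and Application ID are entered in GUID form.

```python
import re
from urllib.parse import urlencode

# Microsoft identity platform v2.0 token endpoint and the Exchange Online
# scope used by the client credentials grant for IMAP and POP.
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
SCOPE = "https://outlook.office365.com/.default"
GUID = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")

# Job error patterns from the table above, mapped to the field to recheck.
JOB_ERRORS = [
    (r"Tenant '.*' not found", "Azure Tenant ID"),
    (r"Application with identifier '.*' was not found in the directory", "Application ID"),
    (r"Invalid client secret provided", "Application Secret"),
]

def check_endpoint_values(tenant_id, application_id, secret):
    """Return problems found in the three values; never echoes the secret."""
    problems = []
    # Assumption: tenant and application IDs are entered in GUID form.
    if not GUID.fullmatch(tenant_id):
        problems.append("Azure Tenant ID is not a GUID")
    if not GUID.fullmatch(application_id):
        problems.append("Application ID is not a GUID")
    if not secret or secret != secret.strip():
        problems.append("Application Secret is empty or has stray whitespace")
    elif GUID.fullmatch(secret):
        # The secret ID is a GUID; the secret value is not.
        problems.append("Application Secret looks like the secret ID, not the value")
    return problems

def build_token_request(tenant_id, application_id, secret):
    """Return (url, form_body) for the client credentials token request."""
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": application_id,
        "client_secret": secret,
        "scope": SCOPE,
    })
    return TOKEN_URL.format(tenant=tenant_id), body

def diagnose(job_error):
    """Return the Endpoint field a Job error message points to, or None."""
    for pattern, field in JOB_ERRORS:
        if re.search(pattern, job_error):
            return field
    return None
```

The form body contains the secret in clear text, so keep it out of logs and shell history if you post it to the token URL to test the values.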