Register application and assign permissions

IntelliBuddies uses Microsoft Authentication Library to establish an authenticated connection to Microsoft 365 applications. To enable IntelliBuddies to connect and call the Microsoft Graph API to read and write resources, follow the steps below:

• Creating and Registering your App
• Providing appropriate permissions to your registered App
• Configure Authentication to Get an Interactive Token
• Create and gather required connection information

Creating and Registering your App

1. Navigate to Azure portal

2. Search for App Registrations and click on the App registrations in the Services section.

3. Click on `New Registration.'

4. Provide a Name for the App. e.g., IntelliBuddies M365

5. Choose Accounts in this organizational directory only.

6. Click on Register.

Providing appropriate permissions to the registered App

Navigate into the created app registration and do the following steps

1. Click on API Permissions in the left pane.
2. Click Add a permission and then choose Microsoft Graph.
3. Click on Application permissions. Then select the appropriate permissions and click Add Permission.

OneDrive Services Permissions

note

Add the following permissions to the registered App to work with your OneDrive and SharePoint online documents.

a. Files.ReadWrite.All b. Sites.ReadWrite.All c. Group.ReadWrite.All d. User.Read.All

Outlook 365 Email Services Permissions

note

Add the following permissions to the registered App to work with your Outlook 365 emails.

a. Mail.Read b. Mail.ReadWrite [Optional: Needed if you want to set the read flag or delete the email automatically after reading an email]

4. Click Delegated permissions, select the following permissions, and click Add.

   1. Group.ReadWrite.All
   2. Tasks.ReadWrite
   3. Mail.Read
   4. Mail.ReadWrite [Optional: Needed if you want to set the read flag or delete the email automatically after reading an email]

5. Click on Grant admin consent for test [tenant] and click on Yes in the confirmation dialog

   

   

   

Configure Authentication to Get an Interactive Token

Navigate into the created app registration and do the following steps.

1. Click on Authentication in the left pane and then click on + Add a platform to configure the platform.
2. In the Configure Platform dialog, click on Mobile and Desktop applications
3. In the Configure Desktop + devices dialog, check the checkbox option as shown in the below screenshot and add the Custom redirect URIs as http://localhost

Create and gather the required connection information

Navigate to the App registration page and perform the following steps:

1. Click on Overview in the left pane. Copy the Application (client) Id and Directory (tenant) Id values and save them for future reference.

   

2. If Client-Secret based authentication is desired, then follow the steps in Create and gather Client Secret

3. If Certificate based authentication is desired, then follow the steps in Add certificate to App

Create and gather the Client Secret

Navigate to the App registration page and perform the following steps:

1. Click Certificates & secrets in the left pane and select Client secrets. Click on New client secret.

2. Provide a helpful description. e.g., IntelliBuddies M365. Keep the recommended Expires period and click on Add.

3. Copy the Client Secret value and Save it for future reference.

   

Add certificate to App

Navigate to the App registration page and perform the following steps:

1. Click Certificates & secrets in the left pane and select Certificates. Click on Upload certificate.

2. Choose the certificate file and provide a helpful description. e.g., IntelliBuddies M365 Certificate and click on Add.

3. The same certificate must be provided when using the Microsoft 365 Context activity.