Setting Up Inbound MCF Email Using Azure

You can set up MCF inbound email using OAuth2 authentication through Azure using the Create OAuth2 Service Apps page.

Search for MCF_MAIL or create your own service application, and open the Create OAuth2 Service Apps page using this navigation path:

Navigation:

PeopleTools > Security > OAuth2 Administration > Create OAuth2 Service Apps.

This example illustrates the fields and controls on the Example to set up MCF Inbound Email using OAuth2 Authentication with Azure.

Setting Up Azure as Email Client

Example

This example shows the suggested values to be used for MCF inbound email:

Field or Control

Description

Application Type

Select Email Client.

Client ID

Enter Azure application client ID.

Client Secret

Enter Azure application secret.

Authorized Endpoint

https://login.microsoftonline.com/<tenant ID>/oauth2/v2.0/authorize

Token Endpoint

https://login.microsoftonline.com/<tenant ID>/oauth2/v2.0/token

Issuer

https://login.microsoftonline.com

Scope

For email configurations, scope is set to None and grayed-out.

Scope URL

For email configurations, this defaults to https://graph.microsoft.com/mail.readwrite.

Refresh Token

This option is selected and grayed-out for email configurations.

For more information on OAuth2 support for non-IDCS service providers, see: Understanding OAuth 2.0.