Set Up the Application in Microsoft Azure

Setting up the application in Microsoft Azure involves:

  1. Signing in to Azure and registering the application.
  2. Entering a Host Name.
  3. Adding Redirect URIs.
  4. Specifying Client Secret and duration of the secret.
  5. Adding API permissions.

Sign in and Register

  1. As an Azure/Exchange administrator, sign in to the Microsoft Azure portal at https://portal.azure.com.

  2. In Azure Services, click Azure Active Directory.

    Note: If you're a first-time user, then you must sign up for your Microsoft Azure Active Directory account.
  3. In the navigation pane of the Azure Active Directory Overview page, click App registrations.
  4. Click the New registration tab.
  5. On the Register an application page, enter a name for the application.

    The name you enter appears during Azure setup only. It doesn't appear in the add-in.

  6. For Supported account types, make sure Accounts in this organizational directory only (single tenant) is selected.
    Note: Other options for tenancy:
    • For single tenant with more than one domain set up, select Accounts in any organizational directory (Any Azure AD directory - Multitenant) instead of the single-tenant option.
    • If you're using multi-tenancy, select Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts. See Use Multi-Tenancy for more information.
  7. Leave the Redirect URI blank.
  8. Click Register.
  9. Back on the Overview page, copy the Application (client) ID and Directory (tenant) ID for later use.

    Here's an example of a portion of the App registrations overview page, showing Display name, Application (client) ID, Object ID, Directory (default) ID, and Supported account types:

    Example of a portion of the App registrations overview page, showing Display name, Application (client) ID, Object ID, Directory (default) ID, and Supported account types

Enter a Host Name

  1. Next, in the navigation pane, click Branding & properties.

    The Branding & properties page shows these fields: Name, Logo, Upload new logo, Home page URL, Terms of service URL, Privacy statement URL, Service management reference, and Internal notes. Here's an example of the menu item and the Branding & properties page:

    Branding & Properties page
  2. In the Home page URL field, enter the host name of your Sales environment with this string appended to it: https://<Host Name>/crmUI/osc365/web/index.html.

  3. Click Save.

Add Redirect URIs

  1. In the navigation pane, click Authentication (callout 1 in this sample image).

    Authentication with Add Platform and Configure platforms Web selection highlighted with callouts
  2. Click Add a platform (callout 2 in the image).
  3. In the Configure platforms page, click Web (callout 3 in the image).
  4. In the Redirect URIs section of the Configure Web popup window, add the following URIs and click Configure.
    Note: You need to add each URI separately.

    URI Base Values

    URI Base Values Example URIs

    https://<host>/sales/office365/jet/close.html

    https://sample-pod.oraclecloud.com/sales/office365/jet/close.html

    https://<host>/crmUI/office365/jet/close.html

    https://sample-pod.oraclecloud.com/crmUI/office365/jet/close.html

    https://<host>/crmUI/osc365/web/close.html

    https://sample-pod.oraclecloud.com/crmUI/osc365/web/close.html

Specify Client Secret and Duration

  1. In the navigation pane, click Certificates & secrets.
  2. In the Certificates & secrets page's Client secrets section, click New client secret, as shown in this sample image:Certificates & Secrets page highlighting the selection and the New client secret button.
  3. In the Add a client secret popup window, enter a description, for example: "Sales client server secret".

  4. Select a duration for the expiration of the client secret. The recommendation is 24 months. See What should I do if the client secret expires? for more details.Sample image of the Add a client secret page

    If you select Custom, enter your start and end dates. These dates need to be in a 24-month time span. After the end date, you must sign in to the client again to start the sync.

  5. Click Add.
  6. Copy the generated string from the Value field. This value is the Application Key.

Add API Permissions

  1. In the navigation pane, click API permissions.
  2. Click Add a permission.
  3. On the Request API permissions page, on the Microsoft APIs tab, select the Microsoft Graph section.
  4. Click Delegated permissions. Add these permissions:
    Permission Option to Select

    Calendars

    Allows the application to create, read, update, and delete events in user calendars.

    Calendars.ReadWrite

    Contacts

    Allows the application to create, read, update, and delete user contacts.

    Contacts.ReadWrite

    MailboxSettings

    Allows the application to create the Shared with Oracle category.

    MailboxSettings.ReadWrite

    Mail

    Allows the application to create, read, update, and delete email in user mailboxes. Doesn't include permission to send mail.

    Mail.ReadWrite

    Tasks

    Allows the application to create, read, update, and delete the signed-in user's tasks and task lists, including any shared with the user.

    Tasks.ReadWrite

  5. Click Add Permissions.
  6. On the API permissions page, in the Configured permissions section, click Grant admin consent to consent on the behalf of users.