How to prepare MS account for OAUTH authorization

Articles, advices, FAQ, etc.
Post Reply
Oleg
Site Admin
Posts: 3132
Joined: Thu Jan 01, 1970 1:00 am
Contact:

How to prepare MS account for OAUTH authorization

Post by Oleg »

Before you can use OAUTH you need to set up your MS account. Then you can use the settings from your account to configure the OAUTH authorization settings.
Let's go step by step through how to configure your MS account.

1. Open Microsoft Entra admin center and log in to the service using your parameters. You may need to wait a bit if you are accessing this service for the first time or if you haven't used this service for a long time.

2. Next, you will need to register an Application. Open the side menu on the left and select Applications->App registrations
You need to add App registration for desktop application.
In the top menu select New registration and choose the following options (see screenshot)
  • Personal Microsoft accounts only (1)
  • Select Public client/native (mobile & desktop) platform (2)
  • Enter http://localhost in the Redirect URI field (3)
Register an application - Microsoft Entra admin center.png
Register an application - Microsoft Entra admin center.png (36.34 KiB) Viewed 2000 times
If you already have such application registered, then proceed to the next step

3. Open the created App registration. See screenshot
Select the API permissions (1) item of the application. The application should list permissions in the Microsoft Graph group:
  • email (2)
  • IMAP.AccessAsUser.All (3)
  • POP.AccessAsUser.All (4)
  • SMTP.Send (5)
Register an application - App permissions.png
Register an application - App permissions.png (64.97 KiB) Viewed 2000 times

4. The application registration is ready. Now we can enter parameters in OAUTH accounts editor and get Refresh Token. After successfully getting "refresh token" you can use the generated OAUTH account in Email actions.
Please note that "refresh token" has a limited lifetime and you will have to get a new one periodically.
Since we have created app registration for personal accounts, client secret is not needed. Leave this field empty.
Oleg Yershov
Post Reply