Microsoft 365 / Outlook.com OAuth API Setup and Configuration

Log into Microsoft Azure

To set up and configure the OAuth API, sign into Microsoft Azure as an administrator.

Alternatively, if you are logged into Microsoft Outlook 365:

Navigate to the App Launcher (9 dots in the top left) and open the Admin app.

In the Admin center, open the Navigation menu (icon with 3 lines) and open Azure Active Directory.

Create an Application ID

In Azure Active Directory, navigate to App registrations and click on New registration.

Quick Tip: You may need to select Azure Active Directory from the menu on the left after logging in.

When registering an application, the details you need to fill out the following:

  • Name: This needs to be unique and is only for your company.

  • Support account types: Select Accounts in any organizational directory and personal Microsoft accounts.

  • Redirect URI: For the first dropdown, set this to Web. Then for the second field, enter “https://localhost“.

Click the Register button to proceed.

As soon as this registration form is submitted, you’ll be redirected to the Overview page. Here, you’ll find your Application (client) ID. Copy and save this value.

Configure Application Authentication

Once the Client ID has been copied, navigate to Authentication.

In the Authentication pane, set up the Platform configuration as follows:

  • Web > Redirect URIs

    • https://localhost

    • http://localhost

  • Implicit grant and hybrid flows

    • Access tokens (used for implicit flows)

    • ID tokens (used for implicit and hybrid flows)

  • Allow public client flows

    • Enable the following mobile and desktop flows: Yes

Click the Save button.

Configure API Permissions

After configuring the Application’s Authentication, go to API permissions to create permissions to allow the application to read mail.

Click Add a permission and select Microsoft Graph.

Click Application permissions.

Search “mail” under Select permissions and select Mail.Read and Mail.Send.

Click the API permissions button and the API permissions should look like this:

Create the Client Secret

From the menu on the left select Certificates & secrets then click on New client secret.

An overlay will appear, and here you’ll need to fill out a short form:

  • Description: This name is only for your own use, it is recommended to use a logical and simple name such as “Oauth”.

  • Expires: Select an expiry that matches the security standards required.

This secret will need to be regenerated at the time of expiry, in order to have Outlook 365 continue to work with the CXT Software Operations App.

After submitting the form the secret will be generated. Copy and save both the Value and Secret ID of the created client secret.

Provide Credentials to CXT Software

Please provide CXT Software with the following:

  • Client ID

  • Client Secret Value

  • Client Secret ID

  • Mailbox username

  • Mailbox password