Authentication :: User Credentials [OAuth]

Description

OAuth App must be created in Microsoft Azure AD. These settings typically found here https://docs.microsoft.com/en-us/graph/auth-register-app-v2. [API Help..]

Instructions

Firstly, login into Azure Portal and there create an OAuth application:

1. Go to Azure Portal and login there.
2. Then go to Azure Active Directory.
3. On the left side click menu item App registrations
4. Then proceed with clicking New registration.
5. Enter a name for your application.
6. Select the account types to support with the Supported account types option.
7. In Redirect URI, select Web.
8. In the textbox enter https://zappysys.com/oauth as the Redirect URI or another valid redirect URL.
9. Use this same Redirect URI in the Redirect URL - Must Match App Redirect URL grid row.
10. Copy Client ID and paste it into the API Connection Manager configuration grid in the Client ID row.
11. Click on the Endpoints link and copy the OAuth 2.0 authorization endpoint (v2) URL to the Authorization URL grid row. Usually it looks similar to this:
    • https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/authorize
12. Copy the OAuth 2.0 token endpoint (v2) URL to the Token URL grid row. Usually it looks similar to this:
    • https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/token
13. Close "Endpoints" popup and create a Client Secret in the Certificates & secrets tab.
14. Proceed by clicking New client secret and setting expiration period. Copy the client secret and paste it into configuration grid in Client Secret row.
15. Now lets setup permissions for the app. Click on API Permissions and on the page click Plus Sign Add Permission
16. Click on Microsoft Graph API and then choose Delegated Permissions
17. on Permission list page search or choose permissions as needed. We need to enable following Permissions from 3 Sections (i.e. OpenId Permissions, Mail Permissions and Users Permissions).
18. Make sure you have checked below permissions (If you do not need Write feature then you can skip Write scopes)

    offline_access
    email
    openid
    profile 
    Mail.Read
    Mail.Read.Shared
    Mail.ReadBasic
    Mail.ReadBasic.Shared
    Mail.ReadWrite
    Mail.ReadWrite.Shared
    Mail.Send
    Mail.Send.Shared
    User.Read
    User.ReadBasic.All
      

19. Click Generate Token to generate tokens.
    NOTE: If you are planning to use your current data connection/token for automated processes, we recommend that you use a generic account for token generation when the login box appears (e.g. sales_automation@mycompany.com instead of bob_smith@mycompany.com). When you use a personal account which is tied to a specific employee profile and that employee leaves the company, the token may become invalid and any automated processes using that token will fail. Another potentially unwanted effect of using a personal token is incorrect logging; the API calls (e.g. Read, Edit, Delete, Upload) made with that token will record the specific user as performing the calls instead of an automated process.
20. That's it!

Parameters