Configuring Outbound mail setup with Microsoft client credentials

Step 1: Register an application in Microsoft Entra

1. Sign in to the Microsoft Entra admin center Portal.
2. Navigate to App registrations.
3. Click New registration.
4. Enter a name for your application (for example, "Mail OAuth Integration").
5. Under Supported account types, select an option based on your needs:
   • Accounts in this organizational directory only (Autologyx Test only - Single tenant).
   • Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant).
6. Click Register.

Step 2: Configure API permissions

1. In your registered application, go to API Permissions.

2. Click Add a permission > Microsoft Graph > Delegated permissions.

3. Select the following permission:

   • Mail.Send

4. Click Add permissions.

5. Click Add a permission > Microsoft Graph > Application permissions.

6. Select the following permission:

   • Mail.Send

7. Click Add permissions.

8. Click Grant admin consent for [Your Organization] to apply permissions.

9. Your app API permissions should look as below:

   

Step 3: Create a client secret

1. Navigate to Certificates & secrets.
2. Under Client secrets, click New client secret.
3. Enter a description (for example, "Mail Integration Secret").
4. Set the expiration period. Take note of the expiry date, as a new secret will have to be created when this one expires.
5. Click Add and copy the generated secret.
   • Important: This secret will only be displayed once. Store it securely.

Step 4: Assign an Exchange Online license

1. Go to Microsoft 365 Admin Center and log in with an admin account.
2. Find the e-mail for setting up your email in Catalyst:
   • Navigate to Users > Active users.
   • Search for an e-mail address (for example, "sample@outlook.com").
3. Assign a license:
   • Click on the user.
   • Go to the Licenses and Apps tab.
   • Look for Exchange Online (Plan 1 or Plan 2) or any Microsoft 365 license that includes Exchange.
   • If the user does not have an Exchange Online license, assign one.
4. Set the expiration period.
5. Click Save changes and wait a few minutes for the changes to take effect.

Step 4: Retrieve the required information

Gather the following details:

1. Tenant ID: Found under Microsoft Entra admin center > Overview.
2. Client ID: Located in the App registration overview.
3. Client Secret: Generated in Step 3.
4. Scope: https://graph.microsoft.com/.default

Step 5: Add OAuth configuration in Catalyst

1. Go to Administration > Authentication objects.
2. Click the Create button on an Authentication objects list.
3. Select Microsoft oAuth 2.0 (Client Credentials flow) as the Provider.
4. Fill in the required fields using the details from Step 4.
   

Step 6: Test and save the Authentication object

1. Click Test to verify the Authentication Object.
   
2. If the test is successful, click Save.

Step 7: Configure the Outbound mail setup

1. In Outbound mail setup, select Microsoft Office 365 Exchange (Graph) with oAuth 2.0 as the mail service you will be using.
2. Choose the newly created Authentication Object from the dropdown.
3. Complete the Microsoft Client Credentials Settings section.
4. Click Test mail settings to verify the configuration.
5. If successful, click Save.

Autologyx Classification: Unrestricted, Public