Register App For Outlook Email Service

This is a quick guide on how to register an app and configure API permissions in the Azure portal so Patriot Task Service can be authenticated via OAuth to get access to Outlook Email service.

Prerequisites

The account you are going to use to send or receive emails must be associated with a tenant. Setup of a tenant is out of the scope of this documentation.

Register an application

Follow these steps to create the app registration:

  1. Sign in to the Azure portal.
  2. If you have access to multiple tenants, in the top menu, use the Directory + subscription filter Azure Directory Subscription
  Filter to select the tenant in which you want to register an application.
  3. Search for and select Azure Active Directory.
  4. Under Manage, select App registrationsNew registration.
  5. Enter a display Name for the application representing Patriot Task Service.
  6. Select Accounts in this organizational directory only as the Supported account type.
  7. Leave Redirect URI blank.
  8. Select Register to complete the initial app registration.
Azure Register Application

Once the application is registered, the Azure portal will lead you to the Overview pane of the application. You will see the Application (client) ID and the Directory (tenant) ID, which will be entered into Patriot Email task settings.

Azure Application Overview

Allow public client flows

  1. Under Management, select Authentication.
  2. Select Try out the new experience (if shown).
  3. Under Advanced settings, and section Enable the following mobile and desktop flows, select Yes to treat the application as a public client.
  4. Select Save.
Azure allow public client flows

Configure API permissions

  1. Under Manage, select API permissions.
  2. Select to add a permission.
  3. Select Microsoft APIsMicrosoft Graph Delegated permissions.
  4. Select SMTP.Send for sending or POP.AccessAsUser .All for receiving, according to what service you are going to use. Also select offline_access which allows Patriot to refresh an expired token. You can search for these permissions by name.
  5. Select Add permissions to add selected permissions.
Azure Select Permissions

After these permissions are added, you will see a list of Configured permissions in the API permissions pane.

Select Grant admin consent for ‹the tenant name› to grand admin consent for SMTP and POP permissions. They should all be marked as Granted for ‹the tenant name› in the Status column. This is essential for Patriot to perform OAuth authentication silently without user interaction. This can only be done by an administrator.

Azure Configured Permission

Save all the changes.

Related Pages