Versions Compared

Version Old Version 13 New Version Current
Changes made by

Elliot Dooleysmith

Ella Morrissey

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Pre-requisites & Limitations

If using EWS, Exchange Impersonation for all resource mailboxes is mandatory for the service account(s)

Please see the Microsoft Office 365 configuration guide for instructions to configure Impersonation

Info

Exchange Impersonation is not a requirement when integrating using Microsoft Graph API

ResourceXpress Settings

To configure OAuth in ResourceXpress first sign into the admin console, using the navigation menu across the top select Administration Settings then System Settings, the OAuth options can be found under the Resource Server tab.

...

Next, select API Permissions under Manage, found on the left menu.

By default the Microsoft Graph User.Read permission is added automatically.
ResourceXpress does not require this permission, so this can be removed.

full_access_as_app
Status
colourRed
titlerequired

Expand

Click the Add a permission button from the API permission window.

From the Select an API window choose the APIs my organization uses tab.
From the available list or using the search choose Office 365 Exchange Online from the Search List.

...

Image Added

Select Application permissions and choose the full_access_as_app option and click Add permissions.

...

Image Added

Next, click Grant admin consent and then Accept from the confirmation dialogue box.

...

Image AddedImage Modified

Make sure that admin consent has been granted to the full_access_as_app permission, this may require the page to be refreshed.

Image Added

Mail.

...

Send permission
Status
colourYellow
titleoptional

Required to use OAuth for SMTP

Expand

Click the Add a permission button from the API permissions window.

Image Added

From the Select an API window choose the Microsoft Graph tab.

Image Added

Select Application permissions and choose the Mail.Send option and click Add permissions.

Image Added

Next, click Grant admin consent and then Accept from the confirmation dialogue box.

Make sure that admin consent has been granted to the Mail.Send permission, this may require the page to be refreshed.

Image Added

User.Read.All & Group.Read.All permission
Status
colourYellow
titleoptional

Required to use Azure AD User Sync
User Settings

Expand

Click the Add a permission button from the API permissions window.

Image Added

From the Select an API window choose the Microsoft Graph tab.

Image Added

Select Application permissions and check the box for the User.Read.All and Group.Read.All options and click Add permissions.

Image Added

Next, click Grant admin consent and then Accept from the confirmation dialogue box.

Make sure that admin consent has been granted to the permissions, this may require the page to be refreshed.

Image Added

Generate the Client Secret

...