How to configure OAuth2 Authentication for Microsoft Office 365 Mailbox integration

From Hornbill
Revision as of 16:24, 30 April 2021 by Michaelm (talk | contribs)
Jump to navigation Jump to search

Introduction

In order to enable Hornbill to use OAuth2 protocol to authenticate to Microsoft Office 365 for mailbox integration, a Hornbill Keysafe item is required that contains the OAuth2 authentication token. This is then used to configure any of Hornbill's integration components, namely the following

  • Email's Outbound Mail Routing Smart Host Configuration, -or-
  • Inbound Mail Service Components of the Shared Mailboxes.

The steps to configure this is the following:

  1. Create and link a Hornbill Keysafe
  2. Configure the Inbound Mail Service Component, either
    • The POP3 service -or-
    • The IMAP4 service

Hornbill Keysafe

As instructed by the Hornbill KeySafe page, create a keysafe whose type is Microsoft Office 365 Mail Connector. Once the keysafe is named and created, invoke the Connect button to initiate the authentication and generation of the OAuth2 authentication token. A new webpage should appear originating from Microsoft requesting the authentication/credentials of the account that will be used as the point of integration with Hornbill.

The following can be the series of steps.

  1. Page requesting for email address of account to use
  2. Page requesting the credentials for the account. This may include other multi-factor authentication mechanism.
  3. Page requesting permission to delegate rights from the account to the application. It can be any of the indicate pages. 
Once administrator permission is given. Performing the same steps above would NOW be possible to complete.

Different pages that Microsoft can provide

Microsoft requests email address to be used OAuth2 MS page1.png
Microsoft requests authentication OAuth2 MS page2.png
  • Can include other multi-factor authentication mechanisms
Microsoft asks user for permission to delegate the access rights that Hornbill requires

These are some of the requests that Microsoft can request
OAuth2 MS page3 app access.png OAuth2 MS page3 permission request.png OAuth2 MS page3 permission requested2.png

This page indicates that the administrator is requested to provide the permission. The administration would then be required to do some action.
OAuth2 MS page3 approval required.png

Microsoft sometimes indicates the return to originating application/website typically after requesting permission from the administrator. OAuth2 MS page4 request sent.png
Retrieved from "https://wiki.hornbill.com/index.php?title=How_to_configure_OAuth2_Authentication_for_Microsoft_Office_365_Mailbox_integration&oldid=26750"