Obtain an Azure app ID for BEMS with client secret authentication
Azure
app ID for BEMS
with client secret authentication- Sign in to portal.azure.com.
- In the left column, clickAzure Active Directory.
- ClickApp registrations.
- ClickNew registration.
- In theNamefield, enter a name for the app.
- Select a supported account type.
- If you use passive authentication for users to authenticate to the identity provider (IDP), in theRedirect URIdrop-down list, selectPublic/client (mobile & desktop)and enterhttps://localhost:8443. The Redirect URI is the URL that the user is redirected to after they successfully authenticate to the IDP.Important: Make sure that the Redirect URL matches the URL to the dashboard or authentication might not work as expected.
- ClickRegister. The new registered app appears.
- In theManagesection, clickAPI permissions.
- ClickAdd a permission.
- ClickMicrosoft Graph.
- ClickApplication permissionsand set the following permissions:
- Read mail in all mailboxes (Mail > Mail.Read)
- Read all user's full profile (User > User.Read.All)
- Read and write contacts in all mailboxes (Contacts > Contacts.ReadWrite)**This permission is only required if you require the Contact Service API to use third-party apps to query, retrieve, create, and update contact information from a user’s contact folder. For more information on theBEMSContact Service API, see Contact Service API reference content.
- ClickUpdate permissions.
- ClickGrant admin consent. ClickYes.
- Add a client secret.
- In theManagesection, clickCertificates & secrets.
- ClickNew client secret.
- In theDescriptionfield, enter a key description up to a maximum of 16 characters including spaces.
- Set an expiration date (for example, 3 months, 12 months, custom).
- ClickAdd.
- Copy the keyValue.The Value is available only when you create it. You cannot access it after you leave the page. This is used as theClient secretin theBEMSDashboard when you enableMicrosoft Office 365and configureBEMSto communicate withMicrosoft Office 365.