How to Manually Authenticate with Office365 and Azure Message Sources

When ThinkAutomation 5 connections to Office 365 mailboxes it requested the following scopes via an OAuth request;

offline_access
User.Read
Mail.ReadWrite
Mail.ReadWrite.Shared

Rather than making internal organisational Azure permission changes to allow the mailbox connection, you can also manually set up Azure to enable the mailbox to connect with the below steps.

Steps to Mannually Authenticate

• First, generate an Azure App Registration, in Azure AD.
This should have the following properties:

• Single-tenant
• Mobile and desktop application authentication
• Redirect URI http://localhost:3017

• Once you have the app created, you need to have the following for the app:

• Application (client) ID
• Tenant (directory) ID

• Once this has been done, navigate to** C:\Program Files\ThinkAutomation** and run the program called ThinkAutomationEditOAuthProviders.exe Ensure you tun this as the Administrator so it has the required privileges to update the ThinkAutomation configuration files. (Right-click on the EXE and select Run as Administrator)

• Login with your regular Admin password

• Enter the ClientID from the App Registration

• Replace the word common in the Auth Endpoint and the Token Endpoint with your Tenant ID. For example;

Before

After

• If you plan to move emails in the inbox to update the status of them (Marked as Read, Add Flag...) then add the Mail.ReadWrite and Mail.ReadWrite.Shared scopes.

• Click Save

• Restart the ThinkAutomation Server Service

• Once the above is complete you can open the ThinkAutomation Studio and connect to the Office365 mailbox using the regular mailbox connector which will be preconfigured to the tenant and ClientID where the pre-setup App Registration resides in Azure.