Configuring the Outlook Office 365 mail box

It is possible to configure an MS Outlook.office.365.com mailbox in Watchdoc SkyPrint.

However, as Outlook365 requires oauth2 authentication for external applications wishing to access a mailbox, Watchdoc SkyPrint must first be registered as one of the applications authorised to access Outlook365.

This configuration must be carried out in the Microsoft Azure management interface.

 

The steps are as follows:

1. register the Watchdoc SkyPrint application in Azure.

2. configure the Watchdoc SkyPrint application to use OAuth.

3. configure the OutlookOffice 365 mailbox in SkyPrint.

Register the Watchdoc SkyPrint application in Azure

1. Log on to your Azure portal as an administrator.

2. In the search tool, enter "App registrations".

3. In the list of results, select the "App registrations" service:
   

   

4. In "App registrations" interface, click on New registration":
   

5. In "Registration" interfacee:

   • Name: give the application a name (Watchdoc SkyPrint, for example). This name is only displayed in the Azure administration interface.

   • Account type: select "Single tenant" to limit the use of the application.

   • Redirect URI: select the Web type, then enter the following address in the fieldhttp://localhost:8080/admin/api/configuration/mailboxes/token. This URI is used to receive the authentication token once the user has been authenticated.
     
     

6. click on Register.

7. The application interface displays the information you need to configure your Outlook 365 mailbox in SkyPrint at a later date:

   • Application (client) ID: application identifier as registered in Azure

   • Directory (tenant) ID: application property identifier.
     

8. Then define the Secret (application-specific password) by clicking on Add a certificate or a secret:
   
   

   • Secret: enter the password;

   • Expiration date: secret expiry date. Once the expiry date has passed, you will need to enter a new one and update the SkyPrint configuration:
     
     

Please note: once the secret has been created, it will appear in the "Customer secrets" list, so be sure to write it down or copy it at this point, as it will no longer be accessible afterwards.

1. Then click on the URI link to configure it:
   
   4

    

2. At the bottom of the page, tick the ID tokens (used for implicit and hybrid flows) :
   
   
   

3. Click Save to save the settings.

4. In the API Permissions interface, click on Add a permission:
   
   
   

5. select the API "Microsoft Graph" :
   

6. Then choose Delegated Permissions:

7. Look for "Imap" in the list of authorisations:

8. Select the "IMAP.AccessAsUser.All" permission. This will allow the application to access the Imap account of the SkyPrint email account:
   
   
   

9. Repeat the operation for the following permissions:

   • Mail.Read

   • Offline.access

   • User.Read

10. Once these permissions have been added, they will appear in the list of configured permissions:
    
    

11. Grant them "admin consent" by clicking on the Grant admin consent for Doxense button.
    This way, when users configure the email account for the mobile printing application, they will no longer need to provide explicit consent for these permissions:
    
    

12. Exit the Azure portal and configure the SkyPrint email account using the application registration information in Azure.