Setting up MSGraph API Configuration

Owned by Knowledge Assistant
Last updated: Jul 30, 2024
2 min read
Description of Issue

Looking to use MSGraph for multi-factor authenticated email relay with Office 365

Context
  • MSGraph
  • MFA
  • Office 365
  • Enterprise ERP
Cause

Need to set up MFA with Office 365 within Enterprise ERP

Resolution
  1.  From the Enterprise ERP menu in Hub, open System Administration > General Administration > MSGraph API Configuration
  2. Click Update and fill out the form as follows
    1.  MSGraph API URL  - Leave as default
    2. Token URL Template - Leave as Default
    3. Azure Portal Link - Leave blank, this will field auto-fill after the update is accepted.
    4. Azure Administrator Email - Email address of an Azure Administration who has permissions to manage tenants, APIs, client secret keys, and expired secrets.
    5. Tenant Id - In Azure go to Dashboard > App Registration  and select the App Registration you created for Enterprise ERP MSGraph Configuration and copy the Directory (tenant) ID.
    6. Client ID - On the MSGraph App Registration page, copy the Application (client) ID
    7.  Object ID - On the MSGraph App Registration page, copy the Object ID
    8. Secret ID - On the MSGraph App Registration page, select Certificates and Secrets from the left-side menu. Copy the Secret ID from the page. 
    9. Client Secret - On the MSGraph API Configuration page in Enterprise ERP, copy the client secret that was created when you set up the app registration, in plain text. If the client secret was not saved, it is not recoverable and a new client secret will need to be generated. Once the client secret is saved in Enterprise ERP, it is encrypted and not able to be retrieved again.
  3.  Select the Test tab at the top of the page, and confirm settings are working. The check boxes on this page are display only, and will be checked as the tests are completed. When tests are completed, a summary will appear.

Note:  Azure permissions required: 

  • MailboxSettings.Read
  • Directory.Read.All
  • User.Read.All
  • Calendars.ReadWrite
  • Mail.Send
  • Application.Read.All

Note 2: MSGraph API is currently only available for EERP. Some products have a roadmap with their development teams to have MS Graph API integrations added. 

Additional Information

For more information about configuring your email settings to use MSGraph for relay, see Using MSGraph for email relay with Office 365