How To Configure An OAuth Azure AD Application

Article: 100050243
Last Published: 2023-04-18
Product(s): Veritas Alta SaaS Protection

Description

 
This article discusses how to create an Azure Active Directory Application for use with an EWS connector that is configured for Modern/OAuth authentication.  As the name suggests, Modern authentication uses an OAuth flow and a service principal instead of a mailbox account with a user name and password.  Modern/OAuth is the preferred method of authentication for O365 mailboxes.

Configuring The Azure AD OAuth App

  1. Select the 'Azure Active Directory' blade, then click 'App registrations', followed by 'New registration'.
  2. Configure the application as follows:
    1. Name: Veritas Alta SaaS Protection EWS OAuth App
    2. Supported account types: Accounts in this organizational directory only
    3. Redirect URI: Change to Public client/native. The value should be: urn:ietf:wg:oauth:2.0:oob
    4. Click the 'Register' button.
  3. After you click Register and the process completes, the newly created application opens automatically.
  4. Now we need to add permissions. Choose the API permissions button on the left, choose the +Add a permission button, and then on the right side choose the 'APIs my organization uses' tab. In the search field, type 'Office', then select 'Office 365 Exchange Online'.
  5. Click Application permissions, select the first option, 'full_access_as_app', then click the blue Add permissions button.
  6. Now we must add the proper permissions in order to read the directory.
  7. While still on the same page, click the +Add a permission button and choose Microsoft Graph on the right side.
  8. Select the Application Permissions button.
  9. Scroll down and expand Directory. Choose Directory.Read.All. Then expand Group and choose Group.ReadWrite.All. Click the Add permission button.
  10. Click the Grant Admin consent for... button to save the permissions. The end result should look like the following:
  11. The last step is to create a secret key.
  12. Click on Certificates & secrets.
  13. Click New client secret.
  14. Enter the Description as: Veritas Alta SaaS Protection EWS OAuth App Key
  15. Choose 24 Months for Expires.
  16. Click Add.
  17. Take note of the key and save it.
  18. Lastly, we also need to make note of the following:
    1. Application (client) ID
    2. Directory (tenant) ID
  19. These two IDs and the secret key will be used to configure the EWS connector.
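To confirm that the permissions and admin consent from the steps above took effect, the following added Python example (not part of the original article or of the product) builds the client-credentials token request from the two IDs and the secret, and checks a returned token's `roles` claim against the permissions this article grants. It assumes the Microsoft identity platform v2.0 token endpoint and that app-only access tokens are JWTs listing granted application permissions in `roles`; the function names, placeholders and sample token are constructed for illustration.

```python
import base64
import json
from urllib.parse import urlencode

# App roles the article grants, keyed by the resource whose token carries them.
REQUIRED_ROLES = {
    "https://outlook.office365.com": {"full_access_as_app"},
    "https://graph.microsoft.com": {"Directory.Read.All", "Group.ReadWrite.All"},
}

def token_request(tenant_id, client_id, client_secret, resource):
    """Build (url, form body) for a client-credentials request; nothing is sent."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,  # load from a vault or env var, never source
        "scope": f"{resource}/.default",
    })
    return url, body

def token_claims(access_token):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("access token is not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def missing_roles(access_token, resource):
    """Return required app roles that are absent from the token's 'roles' claim."""
    return REQUIRED_ROLES[resource] - set(token_claims(access_token).get("roles", []))

def constructed_token(claims):
    """Build an unsigned sample token (constructed data, stands in for a real one)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed"

if __name__ == "__main__":
    url, body = token_request("TENANT-ID-PLACEHOLDER", "CLIENT-ID-PLACEHOLDER",
                              "SECRET-PLACEHOLDER", "https://graph.microsoft.com")
    print("POST", url)
    # Constructed token in which consent for Group.ReadWrite.All never took effect.
    sample = constructed_token({"roles": ["Directory.Read.All"]})
    print("missing:", missing_roles(sample, "https://graph.microsoft.com"))
```

An empty result from `missing_roles` for both resources means the connector's token carries every permission configured above; a non-empty result usually points to admin consent not having been granted.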
 
 
 
