Set up Azure AD Admin Center
When setting up the Exchange integration in Lanteria HR, the authentication method is to be selected. The users can choose between the Basic (login and password) and Modern (OAuth) authentication. Microsoft announced deprecation of basic authentication to connect to their services including Exchange Web Service. Thus, it is recommended to choose Modern and configure the OAuth authentication method.
The OAuth configuration steps in the Azure AD admin center are as follows:
- Open a browser and navigate to the Azure Active Directory admin center and log in using a personal account (aka: Microsoft Account) or Work or School Account.
- Select Azure Active Directory in the left-hand navigation, then select App registrations under Manage.
- Select New registration.
- On the Register an application page, specify the name of your app.
- Set Supported account types to the choice that makes sense for your scenario.
- Under Redirect URI, select Public client (mobile & desktop) and set the value to https://login.microsoftonline.com/common/oauth2/nativeclient.
-
Click Register. From the page that opens, copy the values of the Application (client) ID and Directory (tenant) ID and save them. These will be used when setting up the Lanteria HR part of integration.
-
Under Manage, click Manifest.
-
Locate the requiredResourceAccess property in the manifest, and set
- "resourceAppId" to "00000002-0000-0ff1-ce00-000000000000
- Under resourceAccess, "id" to "dc890d15-9560-4a4c-9b7f-a736ec74ec40" and "type" to "Role". After the changes, the manifest must look as follows:
- Click Save.
- Under Manage, click API permissions.
- Confirm that the full_access_as_app permission is listed.
- Select Grant admin consent for app and provide confirmation.
- Under Manage, click Certificates and Secrets and then New client secret.
- On the page that opens, enter a short description, provide maximum allowed date for Expires and click Add.
- Copy the contents of the Value field of the newly added client secret and save it.
