Azure AD application allows a secure way to connect an external application to your Active Directory and Exchange Online. Please, refer to the instructions below to find out how to create an application and use it to connect to Newoldstamp.
Step 1:
Application registration in Azure AD
If you encounter any problems registering an app, please, check whether your account has all the required permissions to create the app.
1. Go to the Azure AD portal at https://portal.azure.com/ and sign in with your Azure AD account.
2. Under Manage Azure Active Directory, click View.
3. Under Manage, select App registrations and then click New registration.
4. In the Register an application page that appears, configure the following settings:
Name: Enter something descriptive (e.x. "newoldstamp-app")
Who can use this application to access API?: Select Accounts in this organizational directory only (Microsoft).
Redirect URL (optional): In the first box, select Web.
5. When you're finished, click Register.
6. Leave the page. There you'll use it in the next step.
Step 2:
Assign API permissions to the application.
Note: The procedures in this section replace any default permissions that were automatically configured for the new app. The app doesn't need the default permissions that were replaced.
1. On the app page under Management, select Manifest.
2. On the Manifest page that opens, find the requiredResourceAccess entry (on or about line 44).
Modify the resourceAppId, resourceAccess, id, and type values as shown in the following code snippet:
JSON
"requiredResourceAccess": [
{
"resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
"resourceAccess": [
{
"id": "dc50a0fb-09a3-484d-be87-e023b12c6440",
"type": "Role"
}
]
}
],
When you're finished, click Save.
Still on the Manifest page, under Management, select API permissions.
On the API permissions page that opens, do the following steps:
API / Permissions name: Verify the value Exchange.ManageAsApp is shown.
Status: The current incorrect value is Not granted for <Organization>, and this value needs to be changed.
Select Grant admin consent for <Organization>, read the confirmation dialog that opens, and then click Yes.
The Status value should now be Granted for <Organization>.
Close the current API permissions page (not the browser tab) to return to the App registrations page. You'll use it in an upcoming step.
Step 3:
Attach the Newoldstamp certificate (newoldstamp.cer) to the Azure AD application
1. In the Azure AD portal under Manage Azure Active Directory, click View.
2. Under Manage, select App registrations.
3. On the App registrations page that appears, select your application.
4. Under Manage, select Certificates & secrets.
5. On the Certificates & secrets page that opens, click Upload certificate.
6. In the dialog that appears, browse to file Newoldstamp.cer ( <---click to download) certificate, and then click Add.
Step 4:
Assign a role to the application
1. In the Azure AD portal under Manage Azure Active Directory, click View.
2. Under Manage, select Roles and administrators.
3. On the Roles and administrators page that opens, find and select one of the supporting roles by clicking on the name of the role – Exchange Administrator (not the check box) in the results.
4. On the Assignments page that opens, click Add assignments.
5. In the Add assignments flyout that opens, find and select the app you created in Step 1.
When you're finished, click Add.
6. Back on the Assignments page, verify that the app has been assigned to the role.
Step 5:
Finally, Let us know App ID and original domain.
Сopy your application ID and use it on Newoldstamp to log in along with your domain.
Note that it's crucial to use the domain that has been used to register Microsoft 365 account with - .onmicrosoft.com (e.x. name@newoldstamp.onmicrosoft.com)
