There are three main steps to set up Newoldstamp integration with Microsoft 365:
1. Register the application in Azure AD.
2. Create a client secret for the new application.
3. Assign permissions to access via Graph.
Step 1: Application registration in Azure AD
If you encounter problems, check the required permissions to verify that your account can create the identity.
1. Go to the Azure AD portal at https://portal.azure.com/ and sign in with your Azure AD account.
2. Under Manage Azure Active Directory, click View.
3. Under Manage, select App registrations and then click New registration.
4. On the Register an application page that appears, configure the following settings:
   - Name: Enter something descriptive (e.g. newoldstamp-graph).
   - Supported account types: Select Accounts in this organizational directory only (Microsoft).
   - Redirect URI (optional): In the first box, select Web.
5. Once all of the above is done, click Register.
6. Leave the page that appears open. You'll use it in the next step.
Step 2: Create a client secret for the new application
1. In the Azure AD portal under Manage Azure Active Directory, click View.
2. Under Manage, select App registrations.
3. On the App registrations page that appears, select your application (e.g. newoldstamp-graph).
4. Under Manage, select Certificates & secrets.
5. On the Certificates & secrets page that opens, select Client secrets, then click New client secret.
6. In the dialog that appears, provide a Description for the new secret, select the period after which the secret expires, and then click Add.
7. Copy the secret and make sure to save it somewhere to access it later. The secret will not be accessible after you proceed from here.
Step 3: Assign permissions to access via Graph.
1. In the Azure AD portal under Manage Azure Active Directory, click View.
2. Under Manage, select App registrations.
3. On the App registrations page that appears, select your application (e.g. newoldstamp-graph).
4. Under Manage, select API permissions.
5. On the API permissions page that opens, click Add permission.
6. In the Request API Permissions window that appears, click Microsoft Graph.
7. Click Application permissions. The permission tree then appears below:
   1. Expand the Group node and select Group.Read.All.
   2. Expand the User node and select User.Read.All.
   3. Click Add permissions to confirm the selection.
8. On the API permissions page that opens, do the following steps:
   - Select Grant admin consent for <Organization>, read the confirmation dialog that opens, and then click Yes.
   - The Status value should now be Granted for <Organization>.
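Once admin consent is granted, one way to confirm that the registration carries exactly the two application permissions from Step 3 is to inspect the claims of an app-only access token issued to it. The following is an added example, not part of the original guide or Newoldstamp's code; the function names are hypothetical, and the tenant ID, app ID and tokens are constructed sample values. It decodes the token without verifying its signature, so it is a diagnostic check only.

```python
import base64
import json

EXPECTED_ROLES = {"Group.Read.All", "User.Read.All"}  # granted in Step 3
# Microsoft Graph audience: resource URL or Graph's well-known app ID.
GRAPH_AUDIENCES = {"https://graph.microsoft.com",
                   "00000003-0000-0000-c000-000000000046"}

def decode_claims(token: str) -> dict:
    """Decode a JWT payload without verifying the signature (diagnostic only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def audit_token(token: str, tenant_id: str, app_id: str) -> list:
    """Return findings; an empty list means the token matches this guide."""
    c = decode_claims(token)
    findings = []
    if str(c.get("aud", "")).rstrip("/") not in GRAPH_AUDIENCES:
        findings.append(f"unexpected audience: {c.get('aud')}")
    if c.get("tid") != tenant_id:
        findings.append(f"unexpected tenant: {c.get('tid')}")
    if (c.get("appid") or c.get("azp")) != app_id:  # v1 / v2 token claim names
        findings.append("token was issued to a different application")
    if "scp" in c:
        findings.append("delegated token (scp claim); expected app-only")
    roles = set(c.get("roles", []))
    findings += [f"missing permission: {r}" for r in sorted(EXPECTED_ROLES - roles)]
    findings += [f"excess permission: {r}" for r in sorted(roles - EXPECTED_ROLES)]
    return findings

# --- Constructed sample data (not real identifiers or tokens) ---
SAMPLE_TENANT = "11111111-1111-1111-1111-111111111111"
SAMPLE_APP = "22222222-2222-2222-2222-222222222222"

def make_sample_token(roles: list) -> str:
    """Build an unsigned, constructed token so the check runs offline."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    claims = {"aud": "https://graph.microsoft.com", "tid": SAMPLE_TENANT,
              "appid": SAMPLE_APP, "roles": roles}
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.constructed"

if __name__ == "__main__":
    for roles in (["Group.Read.All", "User.Read.All"],
                  ["User.Read.All", "Directory.ReadWrite.All"]):
        print(roles, "->", audit_token(make_sample_token(roles), SAMPLE_TENANT, SAMPLE_APP))
```

A missing permission usually means admin consent was not granted; an excess permission means the registration holds more access than this integration needs.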
Step 4. Finally, go to the Newoldstamp application and provide the following:
- App ID (as shown below)
- ClientSecret (saved in Step 2)
- Tenant ID (as shown below)
Choose if you would like to enable or disable an automatic sync with Active Directory every 24 hours and click Continue: