Skip to main content

How to register the Microsoft Graph App on the Microsoft Azure portal?

Registering the Microsoft Graph App on the Microsoft Azure Portal.

Yara | NEWOLDSTAMP avatar
Written by Yara | NEWOLDSTAMP
Updated over 6 months ago

Before you start, please check the table below about which platforms and Outlook versions support add-in:

Platform

Outlook version

Supported version and later

Windows

- Microsoft 365 subscription
- retail perpetual Outlook 2016 and later
Note: Retail versions only!
(for now, volume-licensed versions don’t include the necessary API requirements sets)

from Version 2104, build 13929.20296 or above

Mac

- new UI
Note: Only the New Outlook interface is supported
(go to Outlook > New Outlook to enable it)

from Outlook
Version 16.38.506

Web browser

- Modern Outlook UI when connected to Exchange Online:
subscription, Outlook.com

-

Note: If you have an Office 2021 LTSC or any other oldest Office with an old Outlook version, please update them to the newest version specified above.

Additionally, you can check the Microsoft article Outlook JavaScript API requirement sets for more details.

Next, please follow these three main steps to set up Newoldstamp integration with Microsoft 365:

  1. Register the application in the Microsoft Azure portal.

  2. Create a client secret for the new application.

  3. Assign permissions to access via Graph.

Step 1: Application registration on the Microsoft Azure portal.

If you have problems, please check the required permissions to verify that your account can create the identity.

  1. Go to the Microsoft Azure portal at https://portal.azure.com/ and sign in with your Microsoft Azure account.

  2. Under Azure services, select App registrations and then click New registration.

  3. In the Register an application page that appears, configure the following settings:

    • Name: Enter something descriptive (e.x. newoldstamp-graph)

      Note: You can change the display name anytime. Additionally, multiple app registrations can share the same name. The app registration's automatically generated Application (client) ID, not its display name, uniquely identifies your app within the identity platform.

    • By choosing Supported account types, specify who can use the application (sometimes called its sign-in audience.). Select the option Accounts in this organizational directory only.

    • Redirect URI (optional): In the first box, select Web.

5. Once all the above is done, click Register.

6. Leave the page that appears open. You'll be able to use it in the next step.


Note: When registration finishes, the Microsoft Entra admin center displays the app registration's Overview pane. You see the Application (client) ID. Also called the client ID, this value uniquely identifies your application in the Microsoft identity platform.

Step 2: Create a client secret for the new application.

  1. Under Manage on the left side menu, select Certificates & secrets.

  2. On the Certificates & secrets page that opens, select Client secrets, and click New client secret.

  3. In the dialog that appears, provide a Description for the new secret, select the period after which the secret expires, and then click Add.

  4. Copy the secret value and make sure to save it somewhere to access it later because the secret will not be accessible after you proceed from here.

    Note: Copy the secret value on that step because it will not be accessible after you proceed from here.

Step 3: Assign permissions to access via Graph.

  1. Under Manage, on the left side menu, select API permissions.

  2. On the API permissions page that opens, click Add permission.

  3. On the Request API permissions window that appears, click Microsoft Graph.

  4. Click Application permissions.

  5. Then, the Permission tree appears below:

    • Expand the Group node and select Group.Read.All

    • Expand the User node and select User.Read.All

  • Click Add permissions to confirm the selection.

8. On the API permissions page that opens, do the following steps:


Select Grant admin consent for <Organization>, read the confirmation dialog that opens, and then click Yes.

The Status value should now be Granted for <Organization>.


Note: If you use Key Vaults, please ensure you configure access policies on resources by checking this Microsoft guide.

Step 4. Finally, go to the Newoldstamp application and provide the following:

- Application (client) ID (as shown below):

- Client secret (saved on Step 2)

- Directory (tenant) ID (as shown below)

Choose if you would like to turn on or off an automatic sync with Active Directory every 24 hours and click Continue:

Done! The add-in has been registered. Now, please follow the steps in this guide to centrally install the add-in to the users in your organization.

Do you have other questions? You can check our Knowledge Base for more articles here or contact our Support Team via Live Chat or Email.

Not a Newoldstamp user? Click here to sign up.

Did this answer your question?