Skip to main content
All CollectionsExchange/Office/Microsoft 365 integration Exchange/Office/Microsoft 365 with mail flow rules
How to register the Microsoft Exchange App in Microsoft Entra ID (formerly Azure AD) to use rules for set signatures?
How to register the Microsoft Exchange App in Microsoft Entra ID (formerly Azure AD) to use rules for set signatures?

Connect Newoldstamp with Microsoft/Exchange 365 online with Security Defaults enabled with the help of App-only authentication with app ID.

Ira | Newoldstamp avatar
Written by Ira | Newoldstamp
Updated over 10 months ago

Please follow these four main steps to set up Newoldstamp integration with Microsoft 365:

  1. Register the application in Microsoft Entra ID (formerly Azure AD).

  2. Assign API permissions to access Exchange Online.

  3. Attach a certificate (Newoldstamp1.cer).

  4. Assign roles for application.

Step 1: Application registration in Microsoft Entra ID (formerly Azure AD).

If you encounter problems, check the required permissions to verify that your account can create the identity.

  1. Under Azure services, select App registrations and then click New registration.

  2. On the Register an application page, configure the following settings:

    • Name: Enter something descriptive (e.x. Newoldstamp Email Signatures)

      Note: You can change the display name anytime; multiple app registrations can share the same name. The app registration's automatically generated Application (client) ID, not its display name, uniquely identifies your app within the identity platform.

    • By choosing Supported account types, specify who can use the application (sometimes called its sign-in audience.). Select the option Accounts in this organizational directory only.

    • Redirect URI (optional): In the first box, select Web.

4. Once all the above is done, click Register.

Step 2: Assign API permissions to the application.

Note: The procedures in this section replace any default permissions that were automatically configured for the new app. The app doesn't need the default permissions that were replaced.

  1. On the app page, under Management, select Manifest.

  2. On the Manifest page that opens, find the "requiredResourceAccess" entry (on or about line 53).

  3. Modify the resourceAppId, resourceAccess, id, and type values as shown in the following code snippet (​JSON representation):

    ​"requiredResourceAccess": [ 
    {
    "resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
    "resourceAccess": [
    {
    "id": "dc50a0fb-09a3-484d-be87-e023b12c6440",
    "type": "Role"
    }
    ]
    }
    ],​

  4. When you're finished, click Save.

  5. Next, go to API permissions under Management.

  6. On the API permissions page that opens, do the following steps:

    • API / Permissions name: Verify the value Exchange.ManageAsApp is shown.

    • Status: The current incorrect value is Not granted for <Organization>, and this value needs to be changed.

    • Select Grant admin consent for <Organization>, read the confirmation dialog that opens, and then click Yes.

    • The Status value should now be Granted for <Organization>.

Step 3: Attach the certificate (Newoldstamp1.cer) to the Microsoft Entra ID (formerly Azure AD) application.

  1. Under Manage, on the left side menu, select Certificates & secrets.

  2. Click here to download the certificate file (Newoldstamp1.cer).

  3. On the Certificates & secrets page that opens, click Upload certificate.​

  4. In the dialog that appears, browse the downloaded file Newoldstamp1.cer certificate, then click Add.

Step 4: Assign a role to the application.

  1. On the Microsoft Azure portal at https://portal.azure.com/, under Azure services, select Microsoft Entra ID.

  2. Under Manage, click Roles and administrators.

  3. On the Roles and administrators page that opens, find (use the search bar: Exchange) and click the Exchange Administrator role(not the check box).

  4. On the Assignments page that opens, click Add assignments.

  5. In the Add assignments flyout that opens, find and select the app that you registered in Step 1 of this guide and click Add.

  6. Back to the Assignments page and verify that the app has been assigned to the role.

Step 5: Finally, let us know the App ID and original domain when registering O365 (.onmicrosoft.com).

  1. Please go ahead and return to the Microsoft Azure home page and select App registrations.

  2. Under the App registrations, navigate to All applications, find the app you registered, and tap on it to open its Overview.

  3. Copy the Application (client) ID.

  4. Navigate and log in to the Microsoft 365 Admin Center.

  5. In the left-hand menu panel under Settings, click Domains > copy the domain.

Note: It's crucial to use the domain used to register a Microsoft 365 account with - .onmicrosoft.com (e.x. name@newoldstamp.onmicrosoft.com).

Next, open your Newoldstamp account and go to the Integration tab. You can use the copied Application (client) ID and original domain to connect Newoldstamp Microsoft/Exchange 365 integration.


If you have more questions, please check our Knowledge Base for more articles here or contact our Support Team via live chat or email.

Did this answer your question?