
RCRM email sync with Modern Auth - Office 365 configuration

What is needed for the Office 365 configuration.

Written by Terence Cassidy
Updated this week

Microsoft made changes in October 2022, meaning that everyone who uses the older, more basic connectivity and setup loses that functionality unless they set it up again as per this guide.

📌 Note: Most of the steps detailed below will need to be completed by your IT/email provider.


Office 365 configuration

To enable the Email Sending and/or Exchange Email Sync tasks to access company email accounts using Modern (OAuth) Authentication, follow the steps below.

You need to follow these steps when you're setting up a new RCRM/O365 tenant or when you're migrating an existing tenant that used Basic Authentication. You can use the same App Registration for both Sending Emails and Exchange Sync. Therefore, if you've previously configured Exchange Sync and want to enable Send Email, skip to the permissions section of the steps.

📌 Note: At the end of the configuration steps, you should have three values written down: an Application (client) ID, a Directory (tenant) ID and a Client secret value.


If you are setting up a new RCRM or O365 tenant, or migrating an existing tenant that used Basic Authentication:

  1. Log into the Azure Portal with an administrator account.

  2. In Azure Active Directory, click View.

  3. Click App Registrations, then click + New Registration.

  4. For the name, enter RCRM, then select Accounts in any organizational directory (Any Azure AD directory – Multitenant).

  5. Click Register and make a note of the Application (client) ID and the Directory (tenant) ID.

  6. Click Manifest.

  7. Find the requiredResourceAccess property. It looks like this:

    "requiredResourceAccess": [],

    or, more likely, the array within the square brackets will already contain some values and look like this:

    "requiredResourceAccess": [
        {
            "resourceAppId": "00000003-0000-0000-c000-000000000000",
            "resourceAccess": [
                {
                    "id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
                    "type": "Scope"
                }
            ]
        }
    ],

  8. Add the following additional JSON text to the requiredResourceAccess array:

    {
        "resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
        "resourceAccess": [
            {
                "id": "dc890d15-9560-4a4c-9b7f-a736ec74ec40",
                "type": "Role"
            }
        ]
    }

  9. If the requiredResourceAccess array already contains a value, add the new JSON text above to what is already there, separated by a comma. Your final requiredResourceAccess property should look like this:

    "requiredResourceAccess": [
        {
            "resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
            "resourceAccess": [
                {
                    "id": "dc890d15-9560-4a4c-9b7f-a736ec74ec40",
                    "type": "Role"
                }
            ]
        },
        {
            "resourceAppId": "00000003-0000-0000-c000-000000000000",
            "resourceAccess": [
                {
                    "id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
                    "type": "Scope"
                }
            ]
        }
    ],

  10. Click Save.

  11. Click Certificates & Secrets.

  12. Click Client secrets, then click + New Client Secret.

  13. Enter an Exchange Sync description.

  14. Set the Expires value to 24 months. Click Add.

  15. Make a note of the expiry date and diarise this so you can make sure to create a new one and avoid disruption of email sending for your business.

  16. Write down the client secret value (not the Secret ID).

📌 Note: If you don't write it down now, you won't be able to view this later and will have to delete the existing client secret and add a new one.

  17. Click API Permissions.

  18. Set the permissions as follows for each feature:

📌 Note: If Exchange Sync was previously configured, just the Send Email permissions need to be added.

RCRM feature / Microsoft permission

Exchange Sync

If these permissions are missing:

    1. Click + Add Permission.

    2. Select the APIs my organization uses tab.

    3. Search for and select Office 365 Exchange Online.

    4. Select Application Permissions.

    5. Select full_access_as_app.

    6. Click Add permissions.

Send Email

If these permissions are missing:

    1. Click + Add Permission.

    2. Select Microsoft Graph.

    3. Select Application Permissions.

    4. Find Mail.

    5. Select: Mail.ReadWrite and Mail.Send. (Make sure "Admin consent required" is "Yes")

    6. Click Add permissions.

  19. Click Grant admin consent for [your company name].

You should now have a note of three values: An Application (client) ID, a Directory (tenant) ID and a Client secret value.

You should also have a note of the secret expiry date to diarise when to renew it.
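
The manifest edit described in the steps above, as an added example (not RCRM's or Microsoft's code): a Python helper that merges the Exchange Online entry into requiredResourceAccess without duplicating it, rejects a manifest broken by a stray comma, and lists the application ("Role") permissions that admin consent will cover. The function names and the sample manifest are constructed for illustration; the IDs are the ones shown in this article.

```python
import json

# IDs copied from the manifest snippets in this article.
EXCHANGE_ENTRY = {
    "resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
    "resourceAccess": [
        {"id": "dc890d15-9560-4a4c-9b7f-a736ec74ec40", "type": "Role"}
    ],
}

def merge_required_resource_access(manifest_text, entry=EXCHANGE_ENTRY):
    """Return manifest JSON text with `entry` merged in, without duplicates."""
    manifest = json.loads(manifest_text)  # ValueError on e.g. a trailing comma
    rra = manifest.setdefault("requiredResourceAccess", [])
    for existing in rra:
        if existing.get("resourceAppId", "").lower() == entry["resourceAppId"].lower():
            # Same API already listed: add only the permissions that are missing.
            have = {(a["id"].lower(), a["type"]) for a in existing["resourceAccess"]}
            for access in entry["resourceAccess"]:
                if (access["id"].lower(), access["type"]) not in have:
                    existing["resourceAccess"].append(dict(access))
            break
    else:
        rra.append(json.loads(json.dumps(entry)))  # deep copy of the new entry
    return json.dumps(manifest, indent=2)

def application_permissions(manifest_text):
    """List (resourceAppId, id) pairs of type "Role" (application permissions)."""
    manifest = json.loads(manifest_text)
    return [
        (r["resourceAppId"], a["id"])
        for r in manifest.get("requiredResourceAccess", [])
        for a in r.get("resourceAccess", [])
        if a.get("type") == "Role"
    ]

# Constructed sample: the "already contains some values" case from step 7.
SAMPLE = json.dumps({"requiredResourceAccess": [{
    "resourceAppId": "00000003-0000-0000-c000-000000000000",
    "resourceAccess": [
        {"id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d", "type": "Scope"}],
}]})

if __name__ == "__main__":
    merged = merge_required_resource_access(SAMPLE)
    print(merged)
    print(application_permissions(merged))
```

Running the merge a second time leaves the manifest unchanged, so the helper is safe to re-run when you return later to add the Send Email permissions.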
