Skip to main content

Set up Holiday Sync Service with Office365 OAuth

How do I use Office365 OAuth with the Holiday Sync Service.

J
Written by Joshua Shooter
Updated over 2 months ago

For Office 365 customers, Holiday Sync Service now supports OAuth authentication. OAuth is a modern and more secure way to authenticate connections.
​
Before you can set it up to use OAuth for Office 365, you need to follow the steps below on Azure Active Directory.

πŸ“ŒNote: You need to be a tenant admin to do this.

Register your application

  1. Under Manage, click App registrations then click New Registration.

  2. Enter a display name for your application, for example, PeopleHR HolidaySync Service.

  3. Select who can use the application.

  4. Under Redirect URL, select Public client/native (mobile & desktop).

  5. Enter the redirect URL then click Register.

Once you've clicked Register, when the Azure portal displays the app registration overview, copy the Application (client) ID and Directory (tenant) ID, as you need to this to complete the Holiday Sync Service setup.

Configure for app-only authentication

  1. Under Manage, click Manifest.

  2. Locate the requiredResourceAccess property then add the following: 

    { "resourceAppId": "00000002-0000-0ff1-ce00-000000000000", "resourceAccess": [ { "id": "dc890d15-9560-4a4c-9b7f-a736ec74ec40", "type": "Role" } ] }

  3. Click Save then, under Manage, click API permissions.

  4. Check that full_access_as_app appears on the list.

  5. Click Grant admin consent for org then click Accept.

  6. Under Manage, click Certificates & Secrets.

  7. Click New client secret then enter a description.

  8. Click Add.

Alternatively, you can generate the client secret using PowerShell:

  • PS> Connect-AzureAD -tenantid your_azure_ad_domain_name

  • PS> $startDate = Get-Date

  • PS> $endDate = $startDate.AddYears(99)

  • PS> New-AzureADApplicationPasswordCredential -ObjectId objectid_from_app_ overview_page -CustomKeyIdentifier "MySecret01" -StartDate $startDate -EndDate $endDate

Once you've done this, copy the value of the newly added client secret and save it, you need this later.

Limit application permissions

By default, OAuth client credentials grant flow allows access to all mailboxes in an organization on Exchange Online. We recommend you limit the application permissions to specific exchange online mailboxes.

Complete the Holiday Sync Service configuration

  1. Open the Holiday Sync Service Config app.

  2. From the Authentication drop-down menu, select OAuth.

  3. Click the Office 365 tab then enter the Application (client) ID, Directory (tenant) ID and Client Secret.

  4. Click Save then, under Windows Services, restart Holiday Sync Service.


​

Related Articles
Holiday sync service with Exchange server
Did this answer your question?