Skip to main content
All CollectionsE-mail servicesGeneral
Technical details - Exchange/Microsoft 365 integration
Technical details - Exchange/Microsoft 365 integration

Overview of Scope and Permissions of the integration of Azure Enterprise Application with webCRM

Updated over 7 months ago

Overview of Scope and Permissions

The integration of Azure Enterprise Application with webCRM is designed to be secure and efficient, adhering to strict permission scopes while providing robust functionality for email and calendar management.

These scopes ensure that webCRM can interact with the required Microsoft services without granting excessive permissions, thus maintaining a secure environment.

Current Scopes

  • Exchange Access via EWS: https://outlook.office.com/EWS.AccessAsUser.All

    • Allows webCRM to access Microsoft Exchange services, including calendars and emails.

  • Calendar Management via Microsoft Graph: https://graph.microsoft.com/Calendars.ReadWrite

    • Used to create and manage calendar meetings, including those with Microsoft Teams links.

  • SharePoint Document Management: https://graph.microsoft.com/Files.ReadWrite.All

    • This allows for an integration with SharePoint for document handling within webCRM.

Access Rights and Impersonation

No additional rights are automatically granted within webCRM or Exchange through these scopes. If the integration utilises impersonation, the connected account must be granted impersonation rights. Alternatively, individual users can log in with their own accounts without additional permissions.

Technical Details on Data Flow

Email Synchronization with EWS

webCRM utilizes the Exchange Web Services (EWS) protocol to interact with Outlook for email retrieval and management. This choice supports compatibility with both Office 365 and on-premise Exchange installations, providing a unified logic for email operations.

EWS Protocol Overview:

Calendar Synchronization

Calendar Event Creation

Meetings are created in Microsoft Exchange and the details are then pushed to webCRM. This process involves several key operations:

  1. Syncing Calendar Updates:

  2. Push Notifications Subscription:

  3. Meeting Creation from webCRM:

    • The Save method on the Appointment class is used to create a meeting in Outlook.

    • This triggers a push notification to which webCRM is subscribed, prompting it to sync the newly created appointment back to webCRM.

Observations on Data Security

During the synchronization process, webCRM ensures that only the calendar information of the particular user account involved is accessed, mitigating the risk of exposing entire organizational calendars.

Did this answer your question?