Skip to main content
Mitratech Success Center
Client Support Center

Need help? Click a product group below to select your application and get access to knowledge articles, webinars, training content, and release notes or to contact our support team.

Authorized users - log in to create a ticket, view tickets status and check your success plan details.

 

TeamConnect IMAP Config with Modern Auth for Exchange Online

  1. Last updated
  2. Save as PDF

Prerequisites

Before using the Mailbox (email) as an Incoming Mail Server, please ensure the following:

  • Disable Multi-Factor Authentication (MFA) in both:
  • Remove Microsoft Push/Microsoft Authenticator from the Mailbox. (This is only required for Resource Owner Password Credential Flow.)

Configuring TeamConnect with M365 Exchange Services

Steps to Follow Screenshot for Reference

1. Go to https://portal.azure.com/ and sign in with your admin account. In the left hand menu, select Azure Active Directory. Under Manage, select App registrations. 

(or) You can also select App registrations under Azure services. 

 Step1.png
2. Click on the + New registration button at the top of the page. Step2.png
3. Fill in the following fields:
  • Name: Enter a name for your application.
  • Supported account types:
    • Choose the account type as Accounts in this organizational directory only (single tenant)

Click on Register once the fields are filled.

 Step3.png

4. After registering of application, navigate to Authentication tab > Advanced Settings

Under the Public client (mobile & desktop) section, toggle Yes to enable public client flows.

This allows your application to request tokens from Azure AD in a secure way without needing a client secret, which is typical for public clients like mobile or desktop apps.

Click Save after making the changes.

 Step4.png

5. Go to the API permissions tab in your app registration.Click on + Add a permission.

Choose Microsoft APIs and select Microsoft Graph. Then, choose the appropriate permissions:

  • Delegated Permissions > IMAP.Access.AsUser.All
  • Application Permissions > Mail.Read

Click + Add a permission again, then choose:

  • APIs my organization uses > Office 365 Exchange Online > Application Permissions > IMAP.AccessAsApp.

Once all permissions are added, click Grant admin consent to grant the required permissions for your app.

Step5.png

6. Log in to TeamConnect Instance as Admin and navigate to Admin > Admin Settings > Email > Incoming Email Server Settings.

  • Check the "Use SSL" box to enable a secure connection.
  • Enter "outlook.office365.com" in the "Incoming Mail Server" field.
  • Input your M365 mailbox email in the "Username" field.
  • Provide your M365 password in the "Password" field.

In the second column: 

  • Enable the "Enable Exchange Oauth" checkbox.
  • Navigate to App Registration > Overview > Essentials, then copy the Application (client) ID and paste it into the "Exchange Application Client ID" field.










     

  • Navigate to Certificates & secrets, then click on + New client secret. Provide the description and click save. Now copy the Secret ID and paste it into the "Exchange Application Client Secret" field.

    Note: When adding a Client Secret, make sure to copy it immediately and save it. The secret will not be displayed again once the user navigates away from the page and returns to the Client secrets section.

 

 

 

 

  • Go to App Registration > Overview > Endpoints Tab, copy the Authority URL (Accounts in this organizational directory only), and add it to the "Exchange Authority" field.

 

 

 

 

Your TeamConnect is now configured with M365 Exchange Services. Please start an email approval workflow to test the connection.

Incoming Mail Server Settings.png


Step6a.png


Step6b.png


Step6c.png

 

Creating Service Principals in Azure Directory for M365 Exchange

Important Links:

Connecting to Exchange Online

1. Run the latest version of PowerShell as Administrator on Windows.

2. Install the ExchangeOnlineManagement module by running the following command:

Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 (select Y for all questions)

3. Import the ExchangeOnlineManagement module by running the command:

Import-Module ExchangeOnlineManagement

4. Establish a connection to Exchange Online using the following command (replace the email with your own):

Connect-ExchangeOnline -UserPrincipalName [USEREMAIL]

Creating a Service Principal

1. To create a new service principal, run the following command (replace [APPID] with your application ID and [OBJECTID] with your service principal object ID): 

New-ServicePrincipal -AppId [APPID] -ServiceId [OBJECTID]

2. To retrieve the Service Principal ID (SID), use the following command: 

Get-ServicePrincipal | fl

3. Add mailbox permissions so that the mailbox can act autonomously. Use the following command, replacing [USEREMAIL] with the user email and [SERVICE PRINCIPAL ID] with the Service Principal ID obtained in the previous step: 

Add-MailboxPermission -Identity [USEREMAIL] -User [SERVICE PRINCIPAL ID] -AccessRights FullAccess