Microsoft Exchange Online - Azure configuration

Effective October 1st 2022, Microsoft will commence decommissioning Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online, and any new Microsoft 365 tenants are created with Basic authentication already disabled. SMTP Authorisation will also be disabled if it is not being used.

For more information on these changes, see the following documentation from Microsoft:

• Basic Authentication and Exchange Online - September 2021 Update

• Depreciation of Basic authentication in Exchange Online

1. Overview

To use Microsoft Exchange Online as an inbound or outbound Email Channel, the ipSCAPE workspace must first be registered as an application with the Azure Active Directory tenant to establish a trust relationship between the workspace and Microsoft's identity platform.

2. Prerequisites

• A tenant set up with an active Azure account with subscription.

• A Microsoft account from Azure for use as the Microsoft Exchange email channel in ipSCAPE

It is recommended for receiving / inbound campaigns that the email address selected is not used for other purposes (i.e. personal or shared addresses) as Email campaigns in ipSCAPE will retrieve all incoming emails.

3. Create the application registration

Global Administrator permissions for the Azure user configuring the application is required to complete the following sections.

See Microsoft Azure Active Directory (Integrations) for instructions how to create the registration of ipSCAPE in Azure Active Directory.

• When registration finishes, the Azure portal displays the ipSCAPE app registration's Overview pane showing the Application (client) ID and Directory (tenant) ID which are required to configure the email channel in the ipSCAPE workspace.

Once the application is registered in Azure, proceed to Add a Redirect URI in the next section.

4. Add a redirect URI (Email)

A redirect URI is the location where the Microsoft identity platform redirects a user's client and sends security tokens after authentication. A redirect URI can be added or modified by configuring the platform settings.

To configure application settings registered in the previous section, see Email Channel Redirect URI Configuration

5. Add Credentials - Client Secret

Sometimes called an application password, a client secret is a string value that can be used in place of a certificate as identity.

To configure application settings registered in the previous section, see Add Client Secret

Ensure to record the secret's value as this is required to use in the email channel configuration in ipSCAPE.
The client secret value will not display again after leaving this page. If lost, a new secret will need to be reconfigured from the steps above.

Once configured, the Email Channel in ipSCAPE can now be set up and authorised/validated. See https://v8-knowledgehub.ipscape.com/TAW/Email-Channels.1506771183.html