Office 365 - Authentication

Authentication 

For backups, grant Magnus Box the ability to read data from your Office 365 account. Please pay attention to the credentials provided as a significant amount of access to the Office 365 organization occurs. This grant is done by creating an "Application" inside Azure AD. This application can be created automatically or manually.

Automatic application registration 

Click the "Azure Active Directory" button. This opens a registration application wizard dialog that steps you through the process to automatically register. Authenticate with Azure as a top-level administrator. 

Manual application registration 

If you are unable to use the automatic application registration, you can register the application manually via the Azure AD web interface via the following steps:

  1. Register a branded application inside the Azure Active Directory panel:


    • Click "App registrations" > "New registration"
    • Enter an application name (e.g. "My Branded Office 365 Backup Product"). The other options can be left as default
    • Click the "Register" button.
    • Copy the Application (client) ID field into Magnus Box's Application ID field
    • Copy the Directory (tenant) ID field into Magnus Box's Tenant ID field
      • Ensure that there are no extra spaces in the field after the Tenant ID
  2. Register an authentication secret for the application:

    • Click the "Certificates & secrets" left-hand tab
    • In the "Client secrets" section, click the "New client secret" button
    • Create a new secret
      • Specify any name (e.g. "My Magnus Box integration credentials") and any expiry (e.g. "Forever / No expiry")
    • Copy the Value column into Magnus Box's Application Secret field
  3. Grant this application permission to read Office 365 data:
    • Click the "API permissions" left-hand tab
    • Click the "Add a permission" button

    • Find and add the following permissions:
      • "APIs my organization uses" > "Office 365 Exchange Online" > Application permissions > ...
        • "Other permissions" > full_access_as_app
      • "Microsoft APIs" > "Microsoft Graph" > Application permissions > ...
        • Application.Read.All
        • Calendars.Read
        • ChannelMessage.Read.All
        • Contacts.Read
        • Directory.Read.All
        • Files.Read.All
        • Files.ReadWrite.All
        • Group.Read.All
        • GroupMember.Read.All
        • Mail.Read
        • Notes.Read.All
        • Reports.Read.All
        • Sites.FullControl.All
        • Sites.Manage.All
        • Sites.Read.All
        • Sites.ReadWrite.All
        • TeamMember.Read.All
        • TeamMember.ReadWrite.All
        • User.Read.All

    • Back on the API permissions page, click the top "Grant admin consent for (My Organization Name)" button

The authentication details are automatically populated in the desktop app, use the "Test Connection" button to validate the Office 365 credentials.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us