Register CodeTwo application in Microsoft Entra ID

The Sent Items Update (SIU) service in CodeTwo Exchange Rules Pro connects to Microsoft 365 (Office 365) by using the secure OAuth 2.0 authorization protocol. To enable this connection, first you need to register the CodeTwo application in Entra ID (Azure AD) for all Microsoft 365 tenants that will be used in your CodeTwo software. Next, to allow the CodeTwo application to access your data and perform the necessary tasks, you also need to grant the necessary permissions to that application.

Important

Keep in mind that CodeTwo Exchange Rules Pro can perform the registration automatically (learn more). You simply need to provide a Microsoft 365 global admin credentials in server connection wizard. 

Use the links below for guidelines on how to register the CodeTwo application in Entra ID:

  1. Register a new application in Entra ID
  2. Configure application permissions
  3. Assign certificates / secrets to an app in Entra ID

Registering a new application in Entra ID

  1. Sign in to your Microsoft Entra admin center.
  2. Navigate to Azure Active Directory (Identity) > ApplicationsApp registrations.
  3. Click New registration (Fig. 1.). This opens the Register an application page.

Starting an app registration in the Microsoft Entra admin center.
Fig. 1. Starting an app registration in the Microsoft Entra admin center.

  1. Enter a name for the application and click Register (Fig. 2.). You can leave the other options to their defaults.

Registering the CodeTwo application with Entra ID.
Fig. 2. Registering the CodeTwo application with Entra ID.

Configuring application permissions

  1. On the application Overview page, click View API permissions (Fig. 3.). The API permissions page will open.

Accessing the API permissions page.
Fig. 3. Accessing the API permissions page.

  1. Click the Add a permission button and in the pane that opens click APIs my organization uses (Fig. 4.).

Listing all APIs available for your organization.
Fig. 4. Listing all APIs available for your organization.

  1. Enter Office 365 in the search box and select Office 365 Exchange Online (Fig. 5.).

Finding the Exchange Online API.
Fig. 5. Finding the Exchange Online API.

  1. Click Application permissions, expand Other permissions, select full_access_as_app and then click Add permission (Fig. 6.).

Adding a new permission to an application in Entra ID.
Fig. 6. Adding a new permission to an application in Entra ID.

  1. Back on the API permissions page, click the Grant admin consent button (once it becomes available) and then click Yes to confirm (Fig. 7.).

Granting the necessary consents.
Fig. 7. Granting the necessary consents.

Assigning certificates / secrets in Entra ID

You need to assign a certificate or client secret (app password) to the newly added application. This will allow the OAuth protocol to prove the application’s identity. Follow the steps below to assign a certificate or add a client secret to the CodeTwo application registered in Entra ID.

  1. Navigate to Azure Active Directory (Identity) > Applications > App registrations and select the newly added application.
  2. In the navigation menu, click Certificates & secrets (see Fig. 8.). Now, you need to assign either a certificate or client secret to the CodeTwo application. 
  3. 3a To assign a certificate, click CertificatesUpload certificate, select your certificate file and click Add (Fig. 8.). The certificate needs to be signed with a key size of 2048 bits.

Assigning a certificate in Entra ID.
Fig. 8. Assigning a certificate in Entra ID.

  1. 3b To add a client secret, click Client secrets > New client secret, enter a short description, select the expiration time (whichever suites your needs) from the drop-down menu, and click Add (Fig. 9.).

Creating a new client secret for an application registered in Entra ID.
Fig. 9. Creating a new client secret for an application registered in Entra ID.

Important

Make sure to copy the client secret value to clipboard (Fig. 10.) or use it in your CodeTwo application straightaway, because once you refresh the page, you will not be able to view that value again. You will have to create another client secret.

How to copy the client secret value to clipboard.
Fig. 10. How to copy the client secret value to clipboard.

Once done, the application registration process is completed. You can now configure the SIU service by following these steps.

In this article

Was this information useful?