Setting up mailboxes for OAuth 2.0 authorization
To set up mailboxes using the OAuth 2.0 authorization protocol:
- Follow all the steps described in the Microsoft Azure documentation to create an Azure application for the mailbox(es) that will be accessed by Genesys E-mail Server.
- In step 6:
  - Select Accounts in any organizational directory (Any Azure AD directory – Multitenant).
  - Leave the Redirect URI empty.
After the application is created, it should look similar to this:
Here, esj_office365_imap is the Azure application name. Write down the Application (client) ID and the Directory (tenant) ID; you must provide them later for the configuration.
If you open the Supported account types and Redirect URIs, it should look like:
The Application ID URI should be empty:
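The registration settings above can also be checked against the application object's JSON instead of the portal screens. This is an added example, not part of the original documentation or of Genesys tooling; it assumes the input has the shape of the Microsoft Graph application resource (for instance as returned by `az ad app show --id <client-id>`), and the function name and sample objects are constructed for illustration.

```python
import json

# Field names follow the Microsoft Graph "application" resource (assumed input shape).
# "AzureADMultipleOrgs" is the value behind the portal label
# "Accounts in any organizational directory (Any Azure AD directory - Multitenant)".
EXPECTED_AUDIENCE = "AzureADMultipleOrgs"


def check_app_registration(app):
    """Return a list of deviations from the registration settings described above."""
    findings = []

    audience = app.get("signInAudience")
    if audience != EXPECTED_AUDIENCE:
        findings.append(f"signInAudience is {audience!r}, expected {EXPECTED_AUDIENCE!r}")

    # Redirect URIs can be registered under any of three platform sections.
    for platform in ("web", "spa", "publicClient"):
        uris = (app.get(platform) or {}).get("redirectUris") or []
        if uris:
            findings.append(f"{platform}.redirectUris is not empty: {uris}")

    # The Application ID URI is stored as identifierUris and should be empty.
    if app.get("identifierUris"):
        findings.append(f"identifierUris is not empty: {app['identifierUris']}")

    # The Application (client) ID is needed later for the configuration.
    if not app.get("appId"):
        findings.append("appId (Application (client) ID) is missing")
    return findings


# Constructed sample objects, not taken from a real tenant.
SAMPLE_OK = json.loads("""{
  "appId": "11111111-1111-1111-1111-111111111111",
  "displayName": "esj_office365_imap",
  "signInAudience": "AzureADMultipleOrgs",
  "identifierUris": [],
  "web": {"redirectUris": []}, "spa": {"redirectUris": []},
  "publicClient": {"redirectUris": []}
}""")
SAMPLE_BAD = dict(SAMPLE_OK, signInAudience="AzureADMyOrg",
                  identifierUris=["api://11111111-1111-1111-1111-111111111111"],
                  web={"redirectUris": ["https://localhost/callback"]})

if __name__ == "__main__":
    for name, app in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, check_app_registration(app) or "matches the documented settings")
```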
Add Application Permissions
Read through the article Permissions and consent in the Microsoft identity platform endpoint to understand permissions and consent.
Configure permissions for Microsoft Graph is a good reference document, although it focuses on getting permission for the Graph API. For IMAP and EWS, the application must have the following permissions granted by the Company Admin, depending on the email protocols used:
(To be confirmed: whether SMTP and POP3 are needed.)
Mailbox Setup
The mailbox has the following special settings in the company’s system:
- Multi-factor authentication is disabled on the mailbox.
- The IMAP protocol is enabled (if IMAP is used).
- The POP3 protocol is enabled (if POP3 is used).
- The EWS protocol is not needed.
