Microsoft Entra ID App Registration
To connect Dime.Scheduler to Microsoft 365 and other Azure resources, the administrator needs to grant Dime.Scheduler access to the organization's data on Microsoft 365. In Microsoft Entra ID, this is done with so-called "application registrations". With such registrations, administrators can define what an application is allowed to do. Grant only the least permissive permission set the application needs, and nothing more, to limit the potential for security leaks.
As you can probably imagine, this being Azure, nearly everything can be done with a multitude of technologies. For the sake of simplicity, we'll stick to two methods:
- PowerShell script
- Manually on the Azure Portal
Either way, once the app registration is made, we'll need the following bits of information to configure the Dime.Scheduler Exchange connector:
- The MS Entra ID tenant id
- The MS Entra ID app registration client id
- The MS Entra ID app registration client secret
Copy these values and paste them into the Exchange setup page, which we'll cover on the next page.
Option 1: Manually create the Microsoft Entra ID App
Registering a new application in Microsoft Entra ID
First things first: you need to log on. Sign in to the Azure portal via this link. Make sure to select the correct account and subscription.
Next up is for you to navigate to the Microsoft Entra ID service. Once you've done that, navigate to the 'Manage' submenu and click on 'App registrations'.
In the panel on the right-hand side, click the button called 'New registration'. A new window appears with a form that requires you to fill out the following information:
- Name: Dime.Scheduler would be a good start
- Supported account types: select 'Accounts in this organizational directory only'
- Redirect URI: select web and then enter https://app.dimescheduler.com/signin-microsoft
Adding permissions
- From the app's Overview page, select API permissions.
- Select the Add a permission button.
- Add the following permissions:
  - Calendars.ReadWrite
  - MailBoxSettings.ReadWrite
  - User.Read.All
- Grant admin consent.

The result should be something like this:
Obtaining the client id and secret
Three pieces of information are required in order to connect Dime.Scheduler with Microsoft Entra ID:
- Azure Client Id
- Azure Client Secret
- Azure Authorization Endpoint
The client id can be found on the app's home page, as depicted in this image:
The client secret can be obtained by navigating to the 'Certificates & secrets' submenu and creating a new client secret:
You will notice that this secret has an expiration date, so make sure to update the key in Dime.Scheduler before it expires. Alternatively, pick a date that's a long time away from now, keeping in mind that a longer-lived secret also stays valid longer if it is ever exposed.
Option 2: Run script to create the Microsoft Entra ID App
Open your PowerShell terminal as administrator, and install the script that is published on the PowerShell Gallery.
Install-Script -Name DimeScheduler.InstallExchangeApp
To change to the directory where the script was installed, run the following command:
cd (Get-InstalledScript -Name "DimeScheduler.InstallExchangeApp").InstalledLocation
To run the script below successfully, you'll need to provide two pieces of information:
- The Azure tenant ID
- The Azure tenant name
To obtain this information, follow Microsoft's instructions here.
Run the script:
.\DimeScheduler.InstallExchangeApp.ps1 -tenantId MyAzureTenantId -tenantName 'MyAzureTenantName'
The script will do the following:
- Create an MS Entra ID App Registration
- Create a client secret
- Add the required permissions:
  - Calendars.ReadWrite
  - MailBoxSettings.ReadWrite
  - User.Read.All
- Grant admin consent
When the script finishes, the client id and client secret are written to the output. Don't forget to copy the client secret, because otherwise you'll need to generate another key manually!
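Whichever option you used, the resulting registration can be checked against the settings this page specifies: single-tenant audience, the redirect URI, the three permissions, and client secret expiry. The PowerShell below is an added example, not part of the DimeScheduler.InstallExchangeApp script or of Dime.Scheduler. Its input is a constructed sample shaped like the Microsoft Graph application resource; `Test-AppRegistration` and the `resolvedPermissions` field are hypothetical names, and permission names are assumed to have been resolved from their GUIDs beforehand.

```powershell
# Constructed sample, shaped like the Microsoft Graph 'application' resource.
# 'resolvedPermissions' is a hypothetical field: permission names already
# resolved from the GUIDs stored in requiredResourceAccess.
$sampleJson = @'
{
  "displayName": "Dime.Scheduler",
  "signInAudience": "AzureADMultipleOrgs",
  "web": { "redirectUris": ["https://app.dimescheduler.com/signin-microsoft"] },
  "resolvedPermissions": ["Calendars.ReadWrite", "MailBoxSettings.ReadWrite", "User.Read.All", "Mail.Send"],
  "passwordCredentials": [ { "displayName": "connector", "endDateTime": "2025-07-01T00:00:00Z" } ]
}
'@

function Test-AppRegistration {
    param(
        [Parameter(Mandatory)] $App,
        [datetime] $Now = (Get-Date).ToUniversalTime(),
        [int] $WarnDays = 30
    )
    # Expected values are the ones listed on this page.
    $expectedPerms = 'Calendars.ReadWrite', 'MailBoxSettings.ReadWrite', 'User.Read.All'
    $expectedUri   = 'https://app.dimescheduler.com/signin-microsoft'
    $findings = [System.Collections.Generic.List[string]]::new()

    # 'AzureADMyOrg' is the value behind 'Accounts in this organizational directory only'.
    if ($App.signInAudience -ne 'AzureADMyOrg') {
        $findings.Add("Audience is '$($App.signInAudience)', expected single tenant")
    }
    foreach ($uri in $App.web.redirectUris) {
        if ($uri -ne $expectedUri) { $findings.Add("Unexpected redirect URI: $uri") }
    }
    foreach ($p in $App.resolvedPermissions) {
        if ($p -notin $expectedPerms) { $findings.Add("Permission beyond the required set: $p") }
    }
    foreach ($p in $expectedPerms) {
        if ($p -notin $App.resolvedPermissions) { $findings.Add("Required permission missing: $p") }
    }
    foreach ($cred in $App.passwordCredentials) {
        # Works whether ConvertFrom-Json left the date as a string or parsed it.
        $end  = ([datetimeoffset]$cred.endDateTime).UtcDateTime
        $left = [int][math]::Floor(($end - $Now).TotalDays)
        if ($left -lt 0) { $findings.Add("Secret '$($cred.displayName)' has expired") }
        elseif ($left -le $WarnDays) { $findings.Add("Secret '$($cred.displayName)' expires in $left days") }
    }
    return $findings
}

$app = $sampleJson | ConvertFrom-Json
Test-AppRegistration -App $app -Now ([datetime]::new(2025, 6, 15, 0, 0, 0, [DateTimeKind]::Utc))
```

Running a check like this on a schedule turns the expiry reminder above into an alert and flags any permission added to the registration later.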