Skip to main content

Microsoft Entra ID App Registration

To connect Dime.Scheduler to Microsoft 365 and other Azure resources, the administrator needs to grant Dime.Scheduler access to the organization's data on Microsoft 365. In Microsoft Entra ID, this is done with so-called "application registrations". With such registrations, administrators can define what an application is allowed to do. It makes perfect sense to only allow the least permissive permission set and nothing more to prevent potential security leaks.

As you can probably imagine, this being Azure, nearly everything can be done with a multitude of technologies. For the sake of simplicity, we'll stick to two methods:

  • PowerShell script
  • Manually on the Azure Portal

Either way, once the app registration is made, we'll need the following bits of information to configure the Dime.Scheduler Exchange connector:

  • The MS Entra ID tenant id
  • The MS Entra ID app registration client id
  • The MS Entra ID app registration client secret

Copy these values and paste them in the Exchange setup page, which we'll cover in the next page.

Option 1: Manually create the Microsoft Entra ID App

Registering a new application in Microsoft Entra ID

First things first: you need to log on. Sign in to the Azure portal via this link. Make sure to select the correct account and subscription.

Next up is for you to navigate to the Microsoft Entra ID service. Once you've done that, navigate to the 'Manage' submenu and click on 'App registrations'.

Microsoft Entra ID

In the panel on the right hand side, click the button called 'New registration'. A new window appears with a form that requires you to fill out the following information:

  • Name: Dime.Scheduler would be a good start
  • Supported account types: select 'Accounts in this organizational directory only'
  • Redirect URI: select web and then enter

Adding permissions

  • From the app's Overview page, select API permissions.

  • Select the Add a permission button.

  • Add the following permissions:

    • Calendars.Read/Write
    • MailBoxSettings.Read/Write
    • User.Read.All
  • Grant admin consent

  • The result should be something like this:

    Microsoft Entra ID permissions

Obtaining the client id and secret

Three pieces of information are required in order to connect Dime.Scheduler with Microsoft Entra ID:

  • Azure Client Id
  • Azure Client Secret
  • Azure Authorization Endpoint

The client id can be found on the app's home page, as depicted in this image: Microsoft Entra ID Client ID

The client secret can be obtained by navigating to the 'Certificates & secrets' submenu and creating a new client secret:

Microsoft Entra ID Client ID

You will notice that there is an expiration date to this secret, so make sure to update the key in Dime.Scheduler before it expires. Alternatively, pick a date that's a long time away from now.

Option 2: Run script to create the Microsoft Entra ID App

Open your PowerShell terminal as administrator, and install the script that is published on the PowerShell Gallery.

Install-Script -Name DimeScheduler.InstallExchangeApp

To get and set the location of the script, run the following command:

cd (Get-InstalledScript -Name "DimeScheduler.InstallExchangeApp").InstalledLocation

To run the script below successfully, you'll need to provide two pieces of information:

  • The Azure tenant ID
  • The Azure tenant name

To obtain this information, follow Microsoft's instructions here.

Run the script:

.\DimeScheduler.InstallExchangeApp.ps1 -tenantId MyAzureTenantId -tenantName 'MyAzureTenantName'

The script will do the following:

  • Create an MS Entra ID App Registration
  • Create a client secret
  • Add the required permissions:
    • Calendars.ReadWrite
    • MailBoxSettings.ReadWrite
    • User.Read.All
  • Grant admin consent

At the bottom of the script, the client id and client secret will be returned to the output. Don't forget to copy the client secret because otherwise you'll need to generate another key manually!