Azure AD configuration

Important: in order to authenticate through Azure AD you need to have Mail Gateway version 2.1.13.0 or later

Follow these steps to configure authentication for Mail Gateway against Azure AD:

1. Navigate to the Azure Active Directory Admin Center and select App registrations.
2. Select New registration.
3. On the first page specify:
   • A display name for the application, e.g. Lime CRM Mail Gateway.
   • That the application is for your own tenant only.
   • For Redirect URI select Public client and set [https://login.microsoftonline.com/common/oauth2/nativeclient](https://login.microsoftonline.com/common/oauth2/nativeclient "https://login.microsoftonline.com/common/oauth2/nativeclient") as the URI.
4. For the newly created application registration, go to Authentication and enable Allow public client flows.

5. Configure API permissions: 1. Go to API permissions and select Add a permission. 2. Select Office 365 Exchange Online from the APIs my organization uses section. 3. After choosing “Delegated permissions”, check the EWS > EWS.AccessAsUser.All permission and click Save. 4. click Grant admin consent. 6. Go to the Overview page and make a note of the following identifiers that you need for the [mailbox](https://docs.lime-crm.com/addons/mail-gateway/configuration#mailbox "addons:mail-gateway:configuration") elements in the Mail Gateway configuration file: * Application (client) ID * Directory (tenant) ID

A sample of how the configuration should look can be found [here](https://docs.lime-crm.com/addons/mail-gateway/configuration#sample-configuration "addons:mail-gateway:configuration") and the actual configuration file can be found either through the software Mail Gateway Configurator or the file MailGateway.Service.exe.config found in the installation folder, typically C:\Program Files (x86)\Lundalogik\LIME Pro Mail Gateway

• Last modified: 17 months ago
• by Viktor Eliasson