FlightVector has historically accessed Microsoft Exchange inboxes through the Exchange Web Services API with Basic (username/password) authentication. Microsoft is moving to deprecate that method of authentication, replacing it with their “Modern Authentication”, which uses a client ID and client secret. This requires some configuration work in Exchange, as described below.
Instructions
-
In a browser signed in as an email administrator, go to Azure Active Directory and choose App Registrations. Click New Registration.
-
For the Name field, enter something like FlightVector Exchange Mail Access. For the Supported Account Types, choose “Accounts in this organizational directory only (Flight Vector only - Single tenant)”. Leave the “Redirect URI” blank.
-
Next, the application must have a client ID and secret generated. Under the new application, which you should have been redirected to, choose Certificates and Secrets. Click ‘New client secret’, configure its expiration, and click Add. Please ensure you are copying the Value and not the Secret. Before the secret expires, you will need to generate a new secret and enter it into the FlightVector settings so that the expiration does not interrupt the email interface.
-
Copy the client secret and enter it into FlightVector in the settings menu under Exchange Client Secret.
-
From the Overview section, copy the “Application (client) ID” and enter it into the “Exchange Email Client ID” setting of FlightVector. Also from the Overview section, copy the “Directory (tenant) ID” and enter it into the “Exchange Email Tenant ID” setting of FlightVector.
-
Enter the email address to be used by the CAD in the Exchange Email Username field. Leave the password blank, since the client ID and secret are being used instead.
-
Following the instructions at Role Based Access Control for Applications in Exchange Online | Microsoft Learn, limit the application permissions to just the inbox to be used.
-
The application needs to be granted the full_access_as_app permission (which is subject to the account limitation set up in the previous step). Under “API Permission”, click “Add a permission” and search for “Office 365 Exchange Online”. Click “Application Permissions”, and then check “full_access_as_app”. Click “Add permission” to confirm.
-
An administrator must grant consent for this permission. From the top level of Azure Active Directory, choose Enterprise Applications and search for the name of the application you created. The suggested name in the instructions above was FlightVector Exchange Mail Access.
-
The FlightVector server should now be receiving messages from and sending through the Exchange mailbox. Note that it deletes messages from the inbox after receiving and processing them.
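To confirm the tenant ID, client ID, client secret and admin consent configured above, the following added example (not FlightVector's or Microsoft's code) requests an app-only token with the client-credentials flow and inspects its claims. The token endpoint, the `https://outlook.office365.com/.default` scope and the claim names are assumptions based on the Microsoft identity platform; the sample tokens and GUIDs are constructed placeholders.

```python
import base64, json, time, urllib.parse, urllib.request

EWS_SCOPE = "https://outlook.office365.com/.default"  # assumed app-only scope for Exchange Online

def request_token(tenant_id, client_id, client_secret):
    """Client-credentials request to the Microsoft identity platform (needs network)."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials", "client_id": client_id,
        "client_secret": client_secret, "scope": EWS_SCOPE}).encode()
    with urllib.request.urlopen(urllib.request.Request(url, data=body), timeout=30) as r:
        return json.load(r)["access_token"]

def decode_claims(jwt):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_claims(claims, tenant_id, client_id, now=None):
    """Return a list of problems; an empty list means the setup looks complete."""
    now = time.time() if now is None else now
    problems = []
    if claims.get("tid") != tenant_id:
        problems.append("token issued by a different tenant")
    if client_id not in (claims.get("appid"), claims.get("azp")):
        problems.append("token issued to a different application")
    if "full_access_as_app" not in claims.get("roles", []):
        problems.append("full_access_as_app missing: permission not added or consent not granted")
    if claims.get("exp", 0) <= now:
        problems.append("token already expired")
    return problems

def make_sample_token(claims):
    """Build an unsigned, constructed token so the checks can be run offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

# Constructed sample values (placeholders, not real identifiers)
TENANT, CLIENT = "00000000-0000-0000-0000-000000000001", "00000000-0000-0000-0000-000000000002"
GOOD = make_sample_token({"tid": TENANT, "appid": CLIENT,
                          "roles": ["full_access_as_app"], "exp": 2_000_000_000})
NO_CONSENT = make_sample_token({"tid": TENANT, "appid": CLIENT, "exp": 2_000_000_000})

if __name__ == "__main__":
    print(check_claims(decode_claims(GOOD), TENANT, CLIENT, now=1_700_000_000))
    print(check_claims(decode_claims(NO_CONSENT), TENANT, CLIENT, now=1_700_000_000))
```

The `roles` claim carries only permission names, so the mailbox limitation from the earlier step has to be confirmed separately in Exchange Online.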