ex_login_O365_OAuth_Graph

Login to Office 365 with OAuth by using Microsoft Graph API.

Member of namespace

Ewsmail

Syntax

bool ex_login_O365_OAuth_Graph (string clientId , string tenantId , string username , string password)

Parameters

clientId
Type: string
Application (client) ID from Azure Active Directory - App registrations
tenantId
Type: string
Directory (tenant) ID from Azure Active Directory - App registrations
username
Type: string
Username of Office 365 account
password
Type: string
Password of Office 365 account

Smart parameters are supported for all parameters.

Parameters (clientId, tenantId, username, password) can be encrypted by storing it in the Advanced section of the Custom tab in the Application Manager.

To retrieve parameters that is stored in the Advanced section, use a smart parameter for the action's parameters similar to @APPVAR(values/adv/password) where password is the name entered for the value in the Application Manager.

Returns

True if the login succeeds. Otherwise, False.

Level

Batch level, open event.

Details

To use the authentication service that is provided by Azure Active Directory have the Administrator run the following required steps to enable support for Microsoft Graph on the Datacap system.

Note: The "ex_login_O365_OAuth_Graph()" action does not support indirect login, using single sign-on (SSO) or other organization-specific authentication method. It supports only direct login, using Microsoft account username and password.
  1. Register the application with Azure Active Directory by logging in to the Microsoft Entra admin center with a Global Administrator login.
  2. From the Manage menu, select Authentication, set the option Allow public client flows to Yes, and click Save.Select Authentication in the Manage menu, set the Allow public client flows, and click Save.

  3. From the Manage menu, select API permissions > Add a Permission > Microsoft Graph > Select Delegated Permissions.

    Select Microsoft Graph under Request API permissions

    Under Mail, check the box for Mail.ReadWrite.

    Select Mail.ReadWrite.

    Click Add Permissions.

    Under the Manage menu, go to "API permissions" and select "Add a permission".
  4. Click Grant admin consent to grant access to Mail.ReadWrite.
Example:
ex_login_O365_OAuth_Graph("00000000-0000-0000-0000-000000000000", "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", "user@organization.com", "@APPVAR(values/adv/password)") 
ex_scan_graph() 
ex_logout_graph()

If more than one login (ex_login_O365_OAuth_Graph) is used, the second action is ignored unless authentication fails, expires, or ex_logout_graph() was used before the second action disconnected.

See also

ex_login