support

Articles in this section

How to setup OAuth authentication for Evoko Home with Office 365

Last updated

This is the revised configuration guide for Evoko Home with Office 365 using Modern Authentication/OAuth. The previous oAuth guide was using the legacy oAuth implementation.

To use oAuth with EWS for Office 365, You have to register a custom application in the Azure Active Directory for the Office 365 tenant and gather some information. Please follow the guide below.

Please use Evoko Home version 2.2 or later to setup OAuth with Office 365.

Article contents

  1. Preparations
  2. Configure the Azure app and collect information
  3. Register App for use with oAuth in EWS
  4. Login using OAuth in the Evoko Home v2.2 configuration Wizard

1: Preparations

Follow the Booking system preparation guide for Office 365

Important! The booking system preparation instructions have been updated. If you configured impersonation in the past, please revisit the impersonation section and re-apply the impersonation.

2: Configure the Azure app and collect information

Find the tenant name or ID for your Office 365 Tenant in Azure Active Directory

You can use either tenant name or ID in the Evoko Home configuration wizard. Note this down for use in the Evoko Home configuration wizard.

Alternative 1: Use the tenant ID

  1. Login to Office 365 Admin Portal and open Azure AD Admin Portal by clicking “Azure Active Directory” under Admin Centers (click “Show All” to show Admin Centers if menu hidden).1.png
  2. This will open Azure Active Directory admin center Dashboard. You can also visit this dashboard by URL: https://aad.portal.azure.com
    2.png
  3. Click Azure Active Directory in left panel and click “Properties” under “Manage” section.
  4. Make a note of “Directory ID”, in this case 5024441e-8554-4dbf-9a00-d90e298448e8. This is “Office 365 Azure AD Tenant ID”
    3.png

Alternative 2: Use the tenant name

When you signed up for Office 365, Microsoft generated a unique tenant name for your tenant. It is in the form of “<customer id>.onmicrosoft.com”. You can also find this in “Domains” section under “Setup” in the Office 365 Admin Portal. There will be only one domain with suffix “onmicrosoft.com”.
Success! You have the information needed for Office 365 Azure AD Tenant ID.

3: Register App for use with oAuth in EWS

  1. In the Azure AD portal, click “App Registrations” to open the App registrations blade.
    4.png
  2. Click the New Registration button. Fill in name and redirect URI https://localhost and click Register.
    5.png
  3. Once application is created, you can see the details page. Make a note of “Application (client) ID” value for the Evoko Home configuration wizard.
    Success! You have the information needed for Office 365 Azure AD Application ID.
    6.png
  4. Click on “Authentication”. Scroll down and enable “Treat application as public client” by selecting “Yes”.  Press 'Save'.
    Note! Make sure that “Access Token” and “ID Tokens” are not selected.
    7new.png
  5. Go to “API permissions” setting.8.png
  6. Click “Add a permission” button, scroll down and select “Exchange”.9.png
  7. In the permission selection page, select “Delegated Permission”, which will open the list of permissions for Delegated access. Expand “EWS” and select “EWS.AccessAsUser.All”. Click the Add permission button.10.png
  8. You should now see the application permissions.
    11.png

4: Login using OAuth in the Evoko Home v2.2 configuration Wizard

  1. Select “Modern (OAuth)” from the drop down on the credentials page.
  2. Use the notes from the previous steps for the appropriate fields and click “Connect”.
    12.png

Login to Service Account

The wizard will now wait for you to log on using the provided URL and code.

Important! Make sure to login with the service account created for this purpose, if you sign in with other account it will succeed in the authentication but the application will not work.

13.png

Login at Microsoft Azure

On the provided URL, enter the code from the wizard then click "Next".

14.png

Notice the application name you configured for this.

15.png

Once you sign in using service account credential, it will prompt for the consent dialog. This happens only for first login to this application, subsequent login remembers the consent.

Review the dialog and click "Accept".

16.png

You should now see the following screen which informs you to safely close this window.

17.png

Switch back to the Evoko Home 2.2 Setup Wizard and continue to the next step.