Configure the Microsoft Graph mail server

Register an application in Azure Portal

1. Log into the Azure Portal.
2. In the Azure Portal menu, navigate to Microsoft Entra ID.

   

3. In the left pane, navigate to Manage > App registrations.

   

4. Click + New registration on the top toolbar.

   

5. In the Register an application window that opens, configure the following:
   • In the Supported account types section select Accounts in this organizational directory only (tenant only - Single tenant). For more information, see Microsoft documentation.
   • In the Redirect URI (optional) section select Web and in the value field insert the FQDN of the Application Workspace Zone you want to add, with the /api/auth/token/end suffix.
6. Click Register on the bottom left, to complete the initial app registration.
7. You need to generate a client secret that facilitates communication between Application Workspace and Microsoft Entra ID (Azure AD). In the newly created app registration, navigate to Manage > Certificates & secrets > Client secrets > New client secret.

   

8. Add a description and an expiration date for your client secret and then click Add. Note down your client secret after you create it because there is no way of retrieving the value after you leave this screen.
9. You need to add permission to your app registration. With the new app open, navigate to Manage > API permissions and add the Mail.Send permission.
10. After you add the permission, click Grant admin consent for {your tenant} above the permission list. It can take up to an hour before these settings take effect in Microsoft Entra ID (Azure AD).

    

Example:

https://<Virtual Host>/api/auth/token/end

Application Workspace configuration

1. In Application Workspace, navigate to Manage > System > Mail Settings.
2. Click Create. The Create mail server dialog box opens.
3. On the Type screen, select Microsoft Graph.
4. On the Overview screen enter the desired name, description and priority. After you finish inserting all necessary information, click Next.
5. On the Settings screen, configure the following:
   • Enter the client ID and tenant ID of the application you previously registered in Register an application in Azure Portal . You can find them in the Overview screen within Microsoft Entra ID (Azure AD).
   • The client secret you generated earlier in Register an application in Azure Portal at step 7.
   • In the From field insert the mail address used to send the emails.
6. On the Summary screen, click Finish.