Page Comparison

To manage Exchange, the EmpowerID Exchange Online microservice requires registering a service principal application

in the Exchange tenant to provide Azure AD authentication to the app service that hosts the Exchange microservice. Once registered, the service principal needs to be granted the Application permission Exchange.ManageAsApp, which is needed to access Exchange Online resources.

Register

the service principal

1. In Azure, navigate to your Azure Active Directory.

2. On the Azure Active Directory navbar, click App registrations.

3. On the App registrations page, click New registration.
   

   Image Modified

4. Name the application, select the scope (single or multitenant), and click Register.

1. Once the application is registered, copy the Application (client) ID and Directory (tenant) ID from the Overview page. These values are used later.
   

   Image Modified

Grant API permissions to the service principal

1. On the navbar for the app, select Manifest to open the Manifest editor.
   

   Image Added

2. Locate requiredResourceAccess in the editor.
   

   Image Added

    

3. Copy the below code and replace the default requiredResourceAccess object with it.
   

   Code Block
   "requiredResourceAccess": [ { "resourceAppId": "00000002-0000-0ff1-ce00-000000000000", "resourceAccess": [ { "id": "dc50a0fb-09a3-484d-be87-e023b12c6440", "type": "Role" } ] } ],

    

4. Verify your changes look like that shown below and then click Save.
   

   Image Added

    

5. Navigate to the API permissions blade for the app and confirm that Exchange.ManageAsApp appears as a permission.
   

   Image Added

Next Steps

Create an App Service for the Exchange Online Microservice