Graph application for Email director

Creation & Configuration

1. Log in to the Azure Portal for your tenancy.

2. View the Azure Active Directory.  

3. Select App registrations.

4. Create a new registration.

5. Enter a name for the application.

6.  Click register.

7.  Select authentication.

8. Click add a platform.

9. Select mobile and desktop applications.

10. Check the option for https://login.microsoftonline.com/common/oauth2/nativeclient

11. Click Configure.

12. Under supported account types select the option for ‘Single tenant’.

13.  Under advanced settings allow public client flows set to No.

14. Click Save if there are any changes.

API Permissions

1. Select API permissions.

2. Click Add a permission.

3. Select Microsoft Graph.

4. Select Application permissions.

5. Search and select the following graph permissions:

• Group.Read.All
• Mail.Read
• Mail.ReadWrite
• User.Read.All

6. Click the Grant admin consent option.

7. Click Yes.

8. Confirm the permissions have been granted under Status.

9. Select Certificates & secrets.

10.  Click New client secret.

11. Enter a description.

12. Set expires to your desired length – note maximum length is 2 years.

13.  Click Add.

• Once created, copy the client secret value before navigating away as it is only viewable just after it is created

Obtain the following IDs ready for configuration in IRIS Docs:

• Application ID (can be found on the application overview)
• Directory ID (can be found on the application overview)

• Client secret

14. Open IRIS Docs and browse to Administration > Global settings > Email

15. Enter the IDs into the Microsoft Graph fields.

16. Click OK.