Creating a new Application in Azure for the connection

The following steps are required to access Microsoft 365 from FTGate

  1. Log into the Enterprise Portal and selecting App Registrations
  2. In the All Applications section add a New Registration
  3. Enter the name of the application. For example FTGate Mail Server
  4. Set Supported Account Types to Accounts in this organizational directory only option
  5. Copy the Redirect URI from FTGate into the  Redirect URI’s in the portal (See Redirect URI notes below)
  6. Click Register and wait for the portal to finish.
  7. Open the portal Overview page
  8. Copy the Application ID to the FTGate  properties Application Id
  9. Copy the Directory (tenant) ID to the FTGate properties Directory (tenant) ID
  10. Open the API Permissions page and add permissions for
    email, offline_access, openid, POP.AccessAsUser.All, profile, User.Read
  11. Open the Certificates and secrets page
  12. Select the Client Secrets tab
  13. Click New client secret
  14. Enter a Description
  15. Enter a value for Expires (after this time a new secret will need to be created)
  16. Click Add
  17. Copy the new Secret ID  to the FTGate properties Secret ID

Save the changes in FTGate. You are now ready to proceed with Authorisation

RedirectURI notes

Microsoft will not permit the use of an URI containing an IP  address for the redirect except for 127.0.0.1

There is also a requirement that if the URI is not an IP address, then is must use a secure connection HTTPS URI.

If your server does not have a public dns address then we recommend using the nip.io service to fake a uri from an ip address.

For example, if your server was located at 192.168.1.51 you would connect your browser to

http://192.168.1.51.nip.io/
This would then resolve to your local IP address
(dont worry, its not a website, it just returns the IP address you use through dns)

See also: SSL, SSL self signed certificates

You can then connect and complete the Authorization process.