Creating a new Application in Azure for the connection
The following steps are required to access Microsoft 365 from FTGate
- Log into the Enterprise Portal and selecting App Registrations
- In the All Applications section add a New Registration
- Enter the name of the application. For example FTGate Mail Server
- Set Supported Account Types to Accounts in this organizational directory only option
- Copy the Redirect URI from FTGate into the Redirect URI’s in the portal (See Redirect URI notes below)
- Click Register and wait for the portal to finish.
- Open the portal Overview page
- Copy the Application ID to the FTGate properties Application Id
- Copy the Directory (tenant) ID to the FTGate properties Directory (tenant) ID
- Open the API Permissions page and add permissions for
email, offline_access, openid, POP.AccessAsUser.All, profile, User.Read - Open the Certificates and secrets page
- Select the Client Secrets tab
- Click New client secret
- Enter a Description
- Enter a value for Expires (after this time a new secret will need to be created)
- Click Add
- Copy the new Secret ID to the FTGate properties Secret ID
Save the changes in FTGate. You are now ready to proceed with Authorisation
RedirectURI notes
Microsoft will not permit the use of an URI containing an IP address for the redirect except for 127.0.0.1
There is also a requirement that if the URI is not an IP address, then is must use a secure connection HTTPS URI.
If your server does not have a public dns address then we recommend using the nip.io service to fake a uri from an ip address.
For example, if your server was located at 192.168.1.51 you would connect your browser to
http://192.168.1.51.nip.io/
This would then resolve to your local IP address
(dont worry, its not a website, it just returns the IP address you use through dns)
See also: SSL, SSL self signed certificates
You can then connect and complete the Authorization process.