Configuration of Exchange on Azure AD (OAuth 2.0) synchronisation

You configure the Exchange integration of Profit in combination with Azure AD.

Configure Azure:

  1. Select he correct Azure tenant
  2. When registering the Azure Active Directory new App:
    • Note: Application (client) ID
    • Note: Directory/Map (tenant) ID
  3. At Certificates & secrets, generate a secret
    • Note: value of the created client secret
  4. Go to API permissions -> Microsoft Graph and add the following permissions:
    • Calendars.ReadWrite
    • Directory.Read.All
    • User.Read.All
    • MailboxSettings.Read

    Note:

    The Permission level should be Application (Delegated isn't sufficient).

  5. Click Application permissions.
  6. Select Mail.ReadWrite and Mail.Send permissions.
  7. Grant admin consent.

If there's an error message, try this solution: https://github.com/azuread/microsoft-authentication-library-for-dotnet/wiki/Client-Applications#invalid-client

Configure Profit:

  1. Go to General / Environment / Management / Properties, tab Exchange/Outlook.
  2. Select Exchange Azure AD at Sync. Profit Calendar with.
  3. Enter E-mail DNS.

    How do you find the correct value for this field? Go to https://portal.azure.com/#home. At the user you will see a logon e-mail address, fill in the part to the right of the @ in the E-mail DNS field.

  4. At Exchange Azure AD, fill the fields with the values recorded earlier:
    • Directory id: Directory/Map (tentant) ID
    • Application id: Application (Client) ID
    • Application secret: Application (Client) secret

Enter E-mail address for the Exchange link:

Normally, Profit will use a combination of the Profit user name and the MS Exchange server entered in the environment settings for the synchronisation. For example:user DMARTINA with the 'Afas.nl' server is transferred into DMARTINA@Afas.nl.

For the Exchange link however, you enter the e-mail address seperately for each user.

  1. Go to: General / Management / Authorisation tool.
  2. Go to the tab: User maintenance.
  3. Open the user properties.
  4. Go to the tab: General.
  5. Enter the deviating e-mail address, this must be a valid address.

Directly to

  1. Configure Profit Exchange link
  2. Configuration of Exchange on Azure AD (OAuth 2.0) synchronisation
  3. Configuration of Exchange synchronisation (on premise / local Exchange server)