FootPrints 20x: How do I configure FootPrints 20.20.x to use Oauth 2.0 for Microsoft 365?

Login to Microsoft Azure portal as your Office 365 administrator account:
https://portal.azure.com/ 


Click on icon in top left   and then select Microsoft Entra ID (formally known as Azure Active Directory)

Click on App Registrations

Click on New Registration

Enter your user-facing display name
 

Supported account types

Who can use this application or access this API? 
Set to :

• Accounts in this organizational directory only (BMC only - Single tenant)

Redirect URI (optional)

Set to:

Web - Leave URL blank

NOTE:  No URL redirect is needed as FootPrints is accessing the email directly and not accessing a direct login page




Click on Register

You will now see your settings:


Copy the Client ID and Tenant ID to a notepad file - these will be needed when configuring FootPrints

Now we need to configure our Application Secret

Click on Certificates and Secrets
 

Client secrets

A secret string that the application uses to prove its identity when requesting a token. Also can be referred to as application password.

Click on + New Client Secret



Add a Description and choose when the Secret will expire

Click Add

You will now see the Secret value


NOTE - Copy the Secret value to a notepad file as this is the only time that you will see the secret which is needed for FootPrints configuration


Now Configure the required Permissions:


Click on API Permissions:

Add a permission
Click on Microsoft Graph



As FootPrints is a Web Application we need to add Application permissions.



In the search bar type:  mail

Expand Mail and choose

Mail.Send 
Mail.Read
Mail.ReadWrite




Add Permissions


Now we need to Add User permission

Add a permission
Click on Microsoft Graph



As FootPrints is a Web Application we need to add Application permissions.



In the search bar type:  User

Expand User and choose

User.Read.All


Add Permissions

NOTE:
This value is used to validate if the email exists when configuring FootPrints.
This value is only needed for the initial configuration and once FootPrints is configured you can remove User.Read.All permission if required.


Remove the Delegated User.Read permission:



Confirm removal



Permissions have now been configured for Incoming and Outgoing notifications


To configure Calendar Sync we need to add the following:

Click Add a permission
Select tab " API my organization uses" 
In the search field type "Office 365 Exchange Online"




Select the "Application Permission"
Choose - full_access_as_app



Click Add permissions



Now configure FootPrints 20.20.x to use Oauth 2.0 


Login as System Administrator

Go to
Administration 
Main
System Management
Email Settings
Incoming Email (System)

Incoming Email

Click on Add

Click
Oauth 2.0



Enter values for Client ID, Tenant ID and Client Secret

Enter the Email Address to be used for the Incoming Email account (Use primary email address)

Save



Go to
Administration 
Main
System Management
Email Settings
Notifications (System)



Enter values for Client ID, Tenant ID, Client Secret,
Email Address, SMTP port and SMTP server as required

Save




Configure Calendar Sync for Oauth 2.0 - Available from 20.20.02 release

Go to
Administration 
Main
Integration
FootPrints Sync



Enable Sync

Anable Oauth

Fill out details as required

Save


Configure User for Calendar Sync settings

Click on Welcome- USERNAME (near top right of screen)



Choose FootPrints Sync

Fill out your email address and your required choices

Save