Some clients' security policies may require one of more of the following in order to approve the Azure app:
- The Azure app must be Single-Tenant instead of Multi-Tenant
- The Azure app must be created by the client instead of using your own Azure app
- The Azure app must have special scopes.
- The clients' security policies require whitelisted static IPs while still using Microsoft OAuth.
All of these require the creation of a separate Azure app for this specific client. Nylas can support this with a few extra steps. Here's how to do this.
1: Have the client create their own Azure app matching their security policies. Make sure they do the following during Azure app creation:
- Set the Azure App's Callback URI to https://api.us.nylas.com/v3/connect/callback (U.S. region) or https://api.eu.nylas.com/v3/connect/callback (EU region)
- Add the following Delegated API scopes: offline_access, openid, profile, User.Read.
- Also add the scopes your software needs. See this page for more information: https://developer.nylas.com/docs/dev-guide/scopes/ They should also be Delegated
2: Have the client generate a new Secret in the Azure app. We recommend setting it to 2 years. Ensure they save the Secret's Value before continuing as it will only be shown immediately after creation.
3: Have the customer send over their Azure app's Application (client) ID to you along with the Secret's Value.
4: Log into your Nylas dashboard and create a new Nylas App.
5: Go to Connectors and then to Microsoft Connector. Add the Application (client) ID and Secret's Value in there.
6: Update your software to support this additional Nylas app and its API key.
7: Authenticate the client's users through this new Nylas app.
Comments
0 comments
Article is closed for comments.