web analytics

Migrating Microsoft Exchange to Microsoft Graph in Composable

Tutorial

Effective October 1, 2022, we will begin to permanently disable Basic Auth in all tenants, regardless of usage, with the exception of SMTP Auth.”

https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-september-2021-update/ba-p/2772210

Due to the recent deprecation of both Exchange Online and support for Basic Authentication, Composable has decided to move away from using Exchange to track emails from inboxes and transition to using the Microsoft Graph API. This article will explain how to register an app for your Azure AD domain and access Outlook inboxes from Composable.


1. Register a new app in your Azure Active Directory.

Add a new App Registration in your organizations Azure AD App Registrations
  • From https://azure.microsoft.com/en-us/services/active-directory/, sign into your organization’s Azure Active Directory.
  • Click on “Add” then “App Registration” to make a new app.
  • Choose Accounts in this organizational directory only (<Organization> only – Single tenant).
  • For the Redirect URI put in the URL of the respective Composable Instance. For example: https://cloud.composableanalytics.com.
  • Once created, go to the Overview page and copy the Application (client) ID and the Directory (tenant) ID.
AzureADAppAuthentication
Enable Allow Public Client Flows

Next go to the Authentication tab, and enable Allow public client flows. This will allow registered users to authenticate with Composable.


2. Configure Application API Permissions

Enable the following three permissions to allow the app to interface with Composable’s Modules

Enable the following Microsoft Graph permissions in the API Permissions tab:

  • Mail.ReadWrite (Read and write emails in your inbox)
  • Mail.ReadWrite.Shared (Read and write emails from your shared inboxes)
  • MailboxSettings.Read (Read mailbox settings)

These permissions will need to be approved by an administrator from your organization in order to be usable within Composable.


3. Add Users From Enterprise Applications

Add the user accounts.

Add the user accounts you wish to access to the registered application from the Enterprise Applications page in Azure AD. This is how you control which accounts can be accessed by the Graph API.


4. Make a new Composable Key with the sign-on information

New Graph Connection Settings Key in Composable

Paste the Client and Tenant IDs you saved in step 1, followed by the username (email) and password of the user you wish to access. This user must be registered in the Enterprise Application page in the previous step.


5. Use one of the Outlook 365 modules in a Composable DataFlow

Select one of the Office 365 modules in a Composable DataFlow and select the key you just made. Fill in the requisite information. The Query field uses the Microsoft Graph filter syntax. Example filter queries for the Email Retriever module can be found here: https://docs.microsoft.com/en-us/graph/query-parameters#filter-parameter.