Configure OAuth 2.0 connection in Control Room

As an administrator or any user with Manage connections and View connections permission, can create OAuth connections in the Control Room that can be used in Microsoft 365 packages.

Prerequisites

.
Note: If you want users to view and edit OAuth connections, then you must assign a custom role that has the Manage connections and View connections options enabled.

Procedure

  1. Log in to the Control Room.
  2. Navigate to Manage > OAuth connections.
  3. Click the Create connection icon or create a connection link in the table.
  4. On the Connection settings screen, click the Provider type drop-down menu and select Custom.
  5. In the Connection name field, enter a unique name to identify the connection.
  6. Click Next.
  7. On the Create connection screen, click the Grant type drop-down menu and select Authorization Code Flow. See OAuth authorization code flow.
  8. In the Client ID and Client secret fields, enter the values from the Oauth client application created in the Microsoft Azure portal. For more information, see Set up OAuth 2.0 using client credentials.
  9. In the Authorization URL field, enter https://login.microsoftonline.com/{tenand_id}/oauth2/v2.0/authorize.
    Note: You can extract the tenant_id from OAuth client application from the Microsoft Azure portal that you have created.
  10. In the Token URL field, enter https://login.microsoftonline.com/{tenand_id}/oauth2/v2.0/token.
  11. Enter the scopes in the Scope (optional) field.
    This information is used as claims (information about the user) in an access token and forwarded to the resource server to limit access.
    Note: If you are adding more than one scope, ensure that you use comma or space separated delimiter to separate the entries.
  12. Click Next.
    Entering Oauth connection details
  13. On the Edit connection screen, select the Save login credentials check box and click Save changes and test connection button.
    When you click Save changes and test connection button, it redirects you to sign into Microsoft Azure portal.
  14. Select the appropriate Microsoft Azure account and click Continue.
  15. Verify the services and click Continue.
    Note: When using the Authorization Code Flow grant type, after you click the Save changes and test connection option and if the connection is successful, the Next button is disabled. Click the Back button, enter the Client secret again, and then click Next. You need not test the connection again unless you have made any changes to the previously provided authentication details.
  16. Click Next.
    The Invite roles screen appears.
  17. Optional: Select the custom roles to generate user specific token and click Save changes.Invite user role to use the Control Managed connections
  18. Click Create connection.
    An OAuth 2.0 connection is created in the Control Room.