Articles in this section

Migrate Templafy Email Signature Server to use Graph API

About this article 

Microsoft has recently announced the support of Graph API within their Exchange Online servers. This will allow for a more granular access to Exchange Online mailboxes with no longer requiring the full_access_as_app to all permissions. 

Microsoft also included in this announcement that they are planning to deprecate the current method relying on EWS (Exchange Web Sockets) by Sept 30th, 2022 

Templafy has updated the Email Signature Server to support Graph API method on the App registration.

Below the steps needed to be followed: 

  1. Configure the Graph API endpoints 
  2. Update Templafy Email signature server 
  3. Remove the EWS settings 

Prerequisites

 

 

Configure the Graph API endpoints 

  • Go to https://portal.azure.com

  • Ensure the intended subscription is selected

  • Go to Azure

  • Go to App registrations

  • Go to the previously created application which most likely has the following name [templafyemailsignatureserver] 
  • Click [View API permissions] Before_Graph_API_added.png
  • Click [+ Add a permission]
  • Select [Microsoft Graph] at the top under  Commonly used Microsoft APIs 
    1. Click [Application permissions] 
    2. Select 🗹 Mail.ReadWrite
    3. Click [Add permissions] 

blobid0.png

 

  • Click [+ Add a permission] to add another permission

  • Click [Microsoft Graph] under Commonly used Microsoft APIs 
    1. Click [Application permissions] 
    2. Select 🗹 Domain.Read.All
    3. Click [Add permissions] 

 

  • Click Grant admin consent for <YOURTENANT> (this needs to be clicked each time permissions are modified) 

 

 
  • Note: The Email signature server also adds the email signature to the email located in the sent items. The sender can always verify that their email signature was appended. 

 

 

 

Update Templafy Email signature server 

  • Go to https://portal.azure.com

  • Ensure the intended subscription is selected

  • Go to Azure

  • Go to App registrations

  • Go to the previously created application which most likely has the following name [templafyemailsignatureserver] 
  • Copy the value of [Directory (tenant) ID]
 
  • Note:
    • If you are using the Templafy Hosted email signature server, please share the value with the Templafy member working with you on this upgrade or by contacting Templafy Support
    • If you are using the Client Hosted email signature server, please follow the steps below: 

 

Client Hosted Update the Kubernetes deployment and the Docker image  

 

 
  • Important: This section is only relevant to Email signature server Client Hosted setup

 

Add the Directory ID property to the deployment image 

  1. Navigate to the Resource group containing the [templafyemailsignatureserver] Kubernetes service
  2. Select the [Workloads] item under the [Kubernetes resources] section of the left hand panel
  3. Click the [email-signature-server-deployment] in the main panel

    Kubernetes_resources_workload_numbered.png

  4. Select the YAML item in the left hand pane of the email-signature-server-deployment Overview

  5. Select the JSON tab of the main panel   

    edit-JSON-deployment.png

  6. Add the following as an environment variable in the env section, you can place this after the office365AuthenticationUrl block:
    {
       "name": "office365DirectoryId",
       "value": "<Your TenantID>"
    },
  7. Replace the "<Your GUID>" with the the GUID you have retrieved from the App registration as described above
  8. Click the [Review + Save] button

    blobid3.png
  9. Check the [Confirm manifest changes] checkbox

  10. Click the [Save] button

Upgrade the email signature server version to support this functionality  

 
  • Make sure to upgrade to Email Signature server version 0.2.2.2347 or later to support this new Graph API functionality. 

 

 

 

Remove the EWS settings

 

 
  • Note: Try to test sending out an email to confirm that the switch over to Graph API is complete before proceeding with the removal of EWS settings
  • Go to https://portal.azure.com

  • Ensure the intended subscription is selected

  • Go to Azure Active Directory

  • Go to App registrations

  • Go to the previously created application which should have the following name [templafyemailsignatureserver] 
  • Click [View API permissions]
      1. Right Click on [...] next to [Office 365 Exchange Online] 
      2. Select [Revoke all admin consents]
      3. Then again Right-click on [...] and select [Remove all permissions]

EWS_revoke_admin_consents.png

EWS_remove_all_permissions.png

 

Related articles

 
email signature server ESS Graph API
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.