About this article
Microsoft has recently announced the support of Graph API within their Exchange Online servers. This will allow for a more granular access to Exchange Online mailboxes with no longer requiring the full_access_as_app
to all permissions.
Microsoft also included in this announcement that they are planning to deprecate the current method relying on EWS (Exchange Web Sockets) by Sept 30th, 2022.
Templafy has updated the Email Signature Server to support Graph API method on the App registration.
Below the steps needed to be followed:
Prerequisites
|
Configure the Graph API endpoints
-
Go to https://portal.azure.com
-
Ensure the intended subscription is selected
-
Go to Azure
-
Go to App registrations
-
Go to the previously created application which most likely has the following name [
templafyemailsignatureserver
] - Click [
View API permissions
] - Click [
+ Add a permission
] -
Select [
Microsoft Graph
] at the top under Commonly used Microsoft APIs-
Click [
Application permissions
] -
Select 🗹
Mail.ReadWrite
-
Click [
Add permissions
]
-
Click [
-
Click [
+ Add a permission
] to add another permission -
Click [
Microsoft Graph
] under Commonly used Microsoft APIs-
Click [
Application permissions
] -
Select 🗹
Domain.Read.All
-
Click [
Add permissions
]
-
Click [
- Click
Grant admin consent for <YOURTENANT>
(this needs to be clicked each time permissions are modified)
|
Update Templafy Email signature server
-
Go to https://portal.azure.com
-
Ensure the intended subscription is selected
-
Go to Azure
-
Go to App registrations
-
Go to the previously created application which most likely has the following name [
templafyemailsignatureserver
] -
Copy the value of [
Directory (tenant) ID
]
|
Client Hosted Update the Kubernetes deployment and the Docker image
|
Add the Directory ID property to the deployment image
- Navigate to the Resource group containing the [
templafyemailsignatureserver
] Kubernetes service - Select the [
Workloads
] item under the [Kubernetes resources
] section of the left hand panel - Click the [
email-signature-server-deployment
] in the main panel
-
Select the
YAML
item in the left hand pane of theemail-signature-server-deployment
Overview -
Select the
JSON
tab of the main panel
- Add the following as an environment variable in the
env
section, you can place this after theoffice365AuthenticationUrl
block:
{ "name": "office365DirectoryId", "value": "<Your TenantID>" },
- Replace the "<Your GUID>" with the the GUID you have retrieved from the App registration as described above
-
Click the
[Review + Save]
button -
Check the ☑
[Confirm manifest changes]
checkbox -
Click the
[Save]
button
Upgrade the email signature server version to support this functionality
|
Remove the EWS settings
|
-
Go to https://portal.azure.com
-
Ensure the intended subscription is selected
-
Go to Azure Active Directory
-
Go to App registrations
-
Go to the previously created application which should have the following name [
templafyemailsignatureserver
] - Click [
View API permissions
]-
Right Click on [
...
] next to [Office 365 Exchange Online
] -
Select [
Revoke all admin consents
]
- Then again Right-click on [
...
] and select [Remove all permissions
]
-
Right Click on [
Comments
Article is closed for comments.