Home > How-to Guides > Registering Messageware ActiveSend and OWA Desktop applications in your Tenant

Registering Messageware ActiveSend and OWA Desktop applications in your Tenant

This article applies to the following products:

     Messageware ActiveSend O365

     Messageware OWA Desktop O365

 SUMMARY

Applications that integrate with Microsoft 365 platforms require Azure Active Directory registrations.  The registrations can be provided by the developer’s tenant, Messageware, or registered in the customer’s tenant.  Registration in the customer tenant is common when the customer prefers to have their own name on any permission forms seen by Users or Administrators.

Applications can also be pre-approved by Administrators eliminating the initial permissions prompt for end-users.

STEPS

 Register a new application using the Azure portal

1. Sign in to the Azure portal

2. If your account gives you access to more than one tenant, select your account in the top right corner, and set your portal session to the Azure AD tenant that you want.

3. Search for and select Azure Active Directory. On the Active Directory page, select App registrations and then select New registration.

 

 

4. When the Register an application page appears, enter your application's registration information:

  • Name – Messageware Client Suite
  • Supported account types - Accounts in this organizational directory only (Single tenant)
  • Redirect URI - Select Public Client/native (mobile & desktop) -
  • URL urn:ietf:wg:oauth:2.0:oob
   

The following two URLs are required. Please make sure the first URL is checked as shown on the screenshot below, the second URL should be listed at the bottom of the list.  

  • https://login.microsoftonline.com/common/oauth2/nativeclient
  • urn:ietf:wg:oauth:2.0:oob

 

 

 

5. When finished, select Register.

Azure AD assigns a unique application (client) ID to the application and then you are redirected to the Application's Overview page.

 

6. Add the following additional capabilities from the Application Overview Page:

Branding / Name – Messageware Client Suite

Authentication / Advanced Settings

                Treat application as a public client: Yes

 

7. Authentication / Supported account types

Verify that the checkmark shows ‘Accounts in any organizational directory (Any Azure AD directory - Single tenant)

 

8. API Permissions

Add the following permissions by clicking ‘Add a permission’:

 

Click ‘Graph’, ‘Delegated permissions’

Place a checkbox next to the items:

  • email
  • profile
  • User.Read
  • Mail.ReadWrite
  • Mail.ReadWrite.Shared
  • Mail.Send
  • Mail.Send.Shared

 

 

9. Owners

Make sure that anyone that needs access to edit the application registration is listed here.  Generally, this should only include administrators.

 

Messageware Deployment file configuration

Our deployment file is used to pre-configure our settings and then push the application using remote installation / group-policy to desktop.

Follow the Messageware Deployment Guide to complete the following .DEP file changes:

 

Copy the Application-ID (APPID) from Azure app registration page

 

 

Update the [APPID] and [ClientId] sections with the information copied from the tenant registration:

    

  <owaUrl>https://outlook.office.com/owa</owaUrl>

      <graphUrl>https://graph.microsoft.com/v1.0</graphUrl>

      <appId> Application (client) ID from the Azure Page </appId>

      <authority>https://login.microsoftonline.com/organizations</authority>

(…)

<oauth>

    <clientId> Application (client) ID from the Azure Page </clientId>

    <authority>https://login.microsoftonline.com/organizations</authority>

  </oauth>

 

Admin consent for your Azure Application Registration

If you have followed this article to create the Application Registration in your Tenant, then you can pre-approve the Application's use by your users so they will not receive the initial permissions prompt.

               

Without Admin Consent, users will see a Permissions Prompt similar to the following: 

 

To configure Admin consent for Application registered in your tenant:

  • Switch to API Permissions 
  • Click on Grant admin consent for <your tenant name>

 

Admin consent for Messageware's Azure Application Registration

If you have chosen not to create the Application Registration in your Tenant, and will simply use the Messageware registration, then you can still pre-approve the Application's use by your users so they will not receive the initial permissions prompt.

To grant Admin Consent for Messageware's registration, at least one user must run and trust the Application.

Then, the application ID and name will be listed in your Azure Tenant under "Enterprise Applications".  From this page, grant Admin Consent for all users.

To grant Admin consent for Application registered in Messageware's Tenant.

1. Open Enterprise applications

2. Find the correct Application on the list

3. Open the Permissions tab and click on Grant admin consent