Home > How-to Guides > Registering Messageware ActiveSend and OWA Desktop applications in your Tenant

Registering Messageware ActiveSend and OWA Desktop applications in your Tenant

This article applies to the following products:

  • Messageware ActiveSend O365
  • Messageware OWA Desktop O365

 

SUMMARY

Applications that integrate with Microsoft 365 platforms require Azure Active Directory Registrations. The registrations can be provided by the developer's tenant, Messageware, or registered in the customer's tenant. Registration in the customer tenant is common when the customer prefers to have their own name or any permission forms seen by Users or Administrators.

Applications can also be pre-approved by Administrators eliminating the initial permissions for end-users.

STEPS

Register a new application using the Azure portal.

  1. Sign into the Azure portal
  2. If your account gives you access to more than one tenant, select your account in the top right corner, and set your portal session to the Azure AD tenant that you want.
  3. Search for and select Azure Active Directory. On the Active Directory page, select App registrations and then select New registration
  4. When the Registration and application page appears, enter your application's registration information: 
    • Name Messageware Client Suite
    • Supported account types – Accounts in this organizational directory only (Single tenant)
    • Redirect URI Select Public Client/native (mobile & desktop)
    • URL urn:ietf:wg:oauth:2.0:oob
    • The following URLs are required. Please make sure the first URL is checked as shown on the screenshot below, the second URL should be listed at the bottom of the list.
    • https://login.microsoftonline.com/common/oauth2/nativeclient
    • urn:ietf:wg:oauth:2.0:oob
  5. When finished, select Register
    • Azure AD assigns a unique application (client) ID to the application and then you are redirected to the Application's Overview page.
  6. Add the following additional capabilities from the Application Overview Page:
    • Branding / Name  Messageware Client Suite
    • Authentication / Advanced Settings  Treat application as a public client: Yes
  7. Authentication / Supported account types
    • Verify that the checkmark shows "Accounts in any organizational directory (Any Azure AD directory - Single tenant)"
  8. API Permissions 
    • Add the following permissions by clicking "Add a permission" 
    • Click "Graph", "Delegated Permissions"
    • Place a checkbox next to the items:
      • Email
      • Profile
      • User.Read 
      • Mail.ReadWrite
      • Mail.ReadWrite.Shared
      • Mail.Send
      • Mail.Send.Shared
  9. Owners
    • Make sure that anyone that needs access to edit the application registration is listed here. Generally, this should only include administrators.

Messageware Deployment file configuration

Our deployment file is used to pre-configure our settings and then push the application using remote installation / group-policy to desktop.

Follow the Messageware Deployment Guide to complete the following .DEP file changes:

Copy the Application-ID (APPID) from Azure app registration page

Update the [APPID] and [ClientId] sections with the information copied from the tenant registration:

  <owaUrl>https://outlook.office.com/owa</owaUrl>

      <graphUrl>https://graph.microsoft.com/v1.0</graphUrl>

      <appId> Application (client) ID from the Azure Page </appId>

      <authority>https://login.microsoftonline.com/organizations</authority>

(…)

<oauth>

    <clientId> Application (client) ID from the Azure Page </clientId>

    <authority>https://login.microsoftonline.com/organizations</authority>

  </oauth>

 

Admin consent for your Azure Application Registration

If you have followed this article to create the Application Registration in your Tenant, then you can pre-approve the Application's use by your users so they will not receive the initial permissions prompt.

Without Admin Consent, users will see a Permissions Prompt similar to the following:

To configure Admin consent for Application registered in your tenant:

  • Switch to API Permissions
  • Click on Grant Admin consent for <your tenant name>

Admin consent for Messageware's Azure Application Registration

If you have chosen not to create the Application Registration in your Tenant, and will simply use the Messageware registration, then you can still pre-approve the Application's use by your users so they will not receive the initial permissions prompt.

To grant Admin Consent for Messagewar's registration, at least one user must run and trust the Application.

Then, the application ID and name will be listed in your Azure Tenant under "Enterprise Applications". From this page, grant Admin Consent for all users.

To grant Admin Consent for Application registered in Messageware's Tenant.

  1. Open Enterprise Applications 
  2. Find the correct Application on the list 
  3. Open the Permissions tab and click on Grant admin consent 
Updated: