Registering an Azure App in the Azure Portal For Modern Authentication

To configure modern authentication for the Microsoft Office365 email server, you must use the information generated in an Azure Active Directory application, such as, access tokens and ID tokens.

Log On to the Azure Portal as the Global Administrator

1. Log on to the Azure portal (https://portal.azure.com/) using your global administrator account.
2. Go to Azure Active Directory.

Register Azure Active Directory in the Azure Portal

1. In the navigation pane, click App registrations.
   The App registrations page appears.
2. Click New registration.
   The Register an application screen appears.
   1. In the Name box, type a name for the app.
   2. In the Redirect URI section, select Web and then enter http://localhost:3017/.
   3. In the Supported account types section, select Accounts in this organizational directory only.
   4. Click Register.
3. Copy and paste the following values in a file or other document that you can access later:
   • Application (client) ID
   • Directory (tenant) ID
     You will enter these values in the Commvault software when you create the Azure AD app.
4. From the left navigation pane, click Certificates & secrets.

5. Click New client secret.
   The Add a client secret dialog box appears.

   • Enter the client secret description and expiration date, and then click Add.

   Note

   Save the client secret value.

6. In the navigation pane, click API permissions.

7. Click Add a permission.
   The Request API permissions page appears.

8. Click Microsoft Graph and complete the following steps:

   1. Click Application Permissions.
   2. Select the following permissions:

   Type	Permission	Description
   Delegated	IMAP.AccessAsUser.All	Read and write access to mailboxes via IMAP
   Delegated	Mail.Send	Send mail as a user
   Application	Mail.Send	Send mail as any user
   Delegated	offline.access	Maintain access to data you have given it access to
   Delegated	openid	Sign users in
   Delegated	POP.AccessAsUser.All	Read and write access to mailboxes via POP
   Delegated	SMTP.Send	Send emails from mailboxes using SMTP AUTH
   Delegated	User.Read	Sign in and read user profile

   1. Click Add permissions.
      For more information regarding permissions, see Microsoft Permissions.
   2. Click Grant admin consent for <Azure account>.

9. In the navigation pane, click Authentication.
   Authenticate the Azure app for access tokens using Implicit grant and hybrid flows.

10. Select Access tokens (used for implicit flows) and ID tokens (used for implicit and hybrid flows), and then click Save.

What to Do Next

• Make a note of the following values, which are required for configuring modern authentication:
  • Your Directory (tenant) ID
  • Your Application (client) ID
  • Your Application client secret value
• Configure the Microsoft Office 365 email server in the Command Center.