Skip to main content

Add-In NG Configuration

info

AzureAD is now called Entra ID.

Change the AzureAD App to work with Add-In NG​

danger

In order for the Qiata Outlook Add-In NG to work with Office SSO, the application registration must be changed. This documentation shows only the changes that need to be made to a standard application registry. Therefore, make sure you have read the Connect AzureAD documentation and that this application works with Qiata.

Log in to your AzureAD as an administrator and navigate to the application you created for Qiata.

Qiata App

Add Client Secret​

Select Certificates & secrets. Then on the Client secrets tab, select New client secret.

Add Client Secret

  1. Click on New client secret
  2. Add a description for your client secret
  3. Select an expiration date for the secret or specify a custom lifetime
  4. Select Add. The new secret is created and the value is temporarily displayed
warning

Record the value of the secret to use it in Qiata. This secret value will never be displayed again after you leave this window.

Add Client Secret to OpenID Connect configration (Qiata)​

Log in to Qiata as the company administrator and add the client secret you just created to the OpenID Connect configuration.

Add Client Secret to Qiata

Expose a web API​

Expose an API

  1. Select Expose an API
  2. Select Set to generate an application ID URI
  3. Update the application ID URI to api://<FQDNofQiata>/qiataoutlookaddin/<app-id>

Set App ID

info

The Application ID URI is pre-filled with app ID (GUID) in the format api://<app-id>. The application ID URI format should be: api://<FQDNofQiata>/qiataoutlookaddin/<app-id>

Add a scope​

Add a scope

  1. From Expose an API-Page select Add a scope
  2. In the Add a scope pane, set the scope name to access_as_user, Who can consent? to Admins and users
  3. Make sure the state is enabled
  4. Click on Add scope

Add a client application​

Add a client application

  1. In the Client ID, type ea5a67f6-b6f3-4338-b240-c655ddc3cc8e. This value preauthorizes all Microsoft Office application endpoints
  2. Select the scope created in the previous point and activate it
  3. Click on Add application

Add API permissions​

Add API permission

  1. Select API permissions
  2. Click on Add a permission
  3. Select Microsoft Graph
  4. Select Delegated permissions
  5. In the Select permissions search box, search for the following permission:
  • At OpenId permissions choose email, openid and profile
  • At Group choose Group.ReadAll
  • At Mail choose Mail.ReadWrite
danger

The Mail.ReadWrite permission is required starting with Qiata version 4.22 (Add-In 1.6), as the transfer summary is no longer saved via EWS request, but instead via Microsoft Graph.

  1. After selecting the permissions select Add permissions

Grant Admin Consent

Select Grant admin consent for "YOUR TENANT". Select Yes for the confirmation that appears.

Configure access token version​

Change Access Token version

  1. Select Manifest from the left pane
  2. Enter 2 as the value for the accessTokenAcceptedVersion property (usually this is null)
  3. Select Save to finish the registration