Microsoft 365 Exchange Online
- 2 Minutes to read
-
Print
-
PDF
Microsoft 365 Exchange Online
- 2 Minutes to read
-
Print
-
PDF
About this document
This document gives you the step-by-step procedure to configure Office 365 Exchange Online in SAFE.
Introduction
SAFE seamlessly integrates with Microsoft Office 365 - Exchange Online and allows you to do the configuration assessment for your Exchange Online account.
Configure Exchange Online
Follow the below procedure to configure the Microsoft Office 365 - Exchange Online:
- Download the Office 365 Certificate from SAFE as follow:
- Navigate to the SAFE Hooks > Assessment Tools.
- Click the Configure button available on the Office 365 Exchange Online Card.
- On the configuration screen, click the Download Certificate button. A certificate file will be downloaded to your system.
- Register the application on Azure AD as follows:
- Login to Office 365 with a "Global Administrator" privilege user.
- Navigate to Admin Centre > Azure Active Directory
- Click the App Registration option available under Manage in the left-option menu.
- Click the New Registration button. The system opens Register an application page.
- Enter the Name (display name for the application).
- Select the Account Type as "Accounts in this organizational directory only (Organization name only - Single tenant)".
- Click the Register button.
- Assign the API permissions to the app as follows:
- Navigate to your registered application on the App Registrations page.
- Click the API permissions option available under Manage from the left-options menu.
- On the API permissions page, click Add a permission button.
- From "APIs my organization uses" search Office 365 Exchange Online and click it.
- Select Application Permissions.
- Go to Exchange and select "Exchange.ManageAsApp".
- Click the Add permissions button. The permission will be available under the API/Permissions name option.
- Change the status of the permission. By default, permission is not granted to the organization.
- Click the "Not granted for organization" text under the status column.
- Click Grant admin consent for your organization
- Read the confirmation dialog that opens and click Yes.
- Change the status to Granted for your Organization.
- Attach the certificate to the Azure AD application as follows:
- On the App registrations page, navigate to your registered application.
- Click Certificates & secrets available under Manage in the left-options menu.
- On the Certificates & secrets page, click the Upload certificate button.
- Browse and upload the certificate downloaded from SAFE.
- Click the Add button.
- Assign the Azure AD roles to the application as follows:
- Navigate to Azure Active Directory.
- Click Roles and administrators available under Manage in the left-options menu.
- Find and select the supported roles by clicking the name of the role. For this integration select the role of "Global reader".
- Click Add Assignments.
- On the Add assignments pop-up, select your application.
- Click the Add button.
- Enter the connector details on SAFE as follows:
- Navigate to the Administration > SAFE Hooks > Assessment Tools.
- Click the Configure button available on the Office 365 Exchange Online Card.
- Enter the Application ID of the application you created.
- Enter the Organization Domain. To find the Organization Domain:
- Go to Azure Active Directory > Overview
- Find the Primary Domain and copy it.
- Enter a value in the number of days for Auto Scan Frequency.
- Click the Test Button.
- Once the connection is verified, click Save.
- Once the configuration is saved, enable the Office 365 Exchange Online toggle button available at the top-right corner of the screen.
View Assessment Details
Once the Office 365 Exchange Online is configured, the system onboards the asset under the Cloud - SaaS Applications technology vertical with the name as ExchangeOnline - the domain of your organization. You can see the assessment result on the asset details page.
Was this article helpful?