Create a Microsoft 365 application

Microsoft 365 lets you create and register an application profile with unique identifiers that can used by Output Manager to communicate with Microsoft 365.

  1. Log into Microsoft 365 as administrator at the https://login.microsoftonline.com site.
  2. Select Admin Centers > Azure Active Directory.
    You may have to press Show All to see Azure Active Directory.
  3. Select the tenant and domain for the account that sends the email.
    If the sender will be dynamic specified, all senders have to be from the same tenant as the app is registered.

  4. Select Manage > App registrations > New registration.
  5. Enter the name of the application.
    For example, ControlSuite Email.
  6. Select Supported account types > Single tenant, and click Register.
  7. Select Manage > API Permissions > Add Permissions > Microsoft Graph > Application permissions.
    Application permission is used because no user is logging in.
  8. Check the following permissions:
    Permission name Description
    Mail.ReadWrite If you use the Email Source in Control Suite, this permission is used to read incoming emails. The write permission is used to mark emails as read or to delete them from the inbox.
    Mail.Send If using the Email Destination in Control Suite, this permission is used to send email from a user within the organization. The sender can be dynamic but it must be within the tenant the app was registered for.
    User.Read.All This permission allows the application to access the mailbox of any user.
  9. Select Add permissions > Grant admin consent for (tenant) and click Yes to add the selected permissions for the application.