Skip to main content

Delegated resource only

This section will introduce the procedure of integration (Delegated resource only) with Microsoft 365. This integration is suggested for companies who have a higher security concern.

Some ONES functions limited

πŸ“ŒSome ONES functions will not be included as system can only access resource calendar but not user calendar.

Server settings​

Getting start​

  1. Enter the name of integration for identification of this integration in ONES.

  2. Microsoft 365 service operator mainly is Microsoft. 21Vianet is for Mainland China client.

Create App registrations​

  1. For retrieving the directory ID, application ID and client secret, you need to create an application registration for integration. Navigate to your Azure Portal AAD tenant's app registrations blade.

  2. Select App registrations and click New application registration:

  3. Enter a name for the app registration. (This is not important for the integration with ONES.)

  4. Go to the Overview and copy the value: Client ID (Application ID) and Tenant ID (Directory ID) into the corresponding fields.

Grant API Permission​

  1. Go to API Permissions, click Add a permission, select Microsoft Graph

  2. Click Delegated permissions

  3. Select the following permissions in Delegated permissions and click Add permissions

  • Calendars -> Calendars.ReadWrite.Shared
  • openId
  • offline_access

Create client secret​

  1. After the app registration is created, go to Certificates & secrets

  2. Select Client secrets, and click New Client secret.

  3. Enter a name (e.g. Offision Integration) for the client secret, and select the expire time based on your needs.

  4. Click the Add button, and you can get the Client secret immediately after creation. Please copy it at this moment and fill in the field. Otherwise you may need to recreate a new client secret.

Save and next​

  1. Click Save and next to continue once the information is confirmed to be correct.

Room settings​

Redirect URI​

  1. Redirect URI is for adding single-sign-on callback-link to Microsoft 365(Please also add this to the Azure Portal):

  2. Navigate to Authentication, click Add platform, then click Web

  3. Copy the Redirect URI from the right and paste in the Redirect URIs in the Azure Portal AAD tenant. Click Configure

How to apply the Offision policy to Microsoft 365 room

If you want to apply the Offision policy to O365 room, please click here for more information.

Save and next​

  1. Click Save and next to continue.

User settings​

Single sign on​

  1. For single sign on, you need to create ANOTHER application registration.

  2. Navigate to your Azure Portal AAD tenant's app registrations blade.

Create an application registration for integration​

  1. Select App registrations and click New application registration:

  2. Enter a name for the app registration. (This is not important for the integration with ONES.)

  3. Go to the Overview and copy the value: Client ID (Application ID) into the corresponding fields.

Create client secret​

  1. After the app registration is created, go to Certificates & secrets

  2. Select Client secrets, and click New Client secret.

  3. Enter a name (e.g. Offision Integration) for the client secret, and select the expire time based on your needs.

  4. Click the Add button, and you can get the Client secret immediately after creation. Please copy it at this moment and fill in the field. Otherwise you may need to recreate a new client secret.

Redirect URI​

  1. Back to the setting on the right, Redirect URI is for adding single-sign-on callback-link to Microsoft 365(Please also add this to the Azure Portal).

  2. Navigate to Authentication, click Add platform, then click Web

  3. Copy the Redirect URI from the right and paste in the Redirect URIs in the Azure Portal AAD tenant. Click Configure

Others​

  1. You can set-up the default user groups in ONES for adding newly synchronized users.

  2. You can select Pager in user account as the card number of user in ONES.

  3. You can set the Login button name in the login page.

  4. Click Save and close.