Delegated resource only
This section will introduce the procedure of integration (Delegated resource only) with Microsoft 365. This integration is suggested for companies who have a higher security concern.
πSome ONES functions will not be included as system can only access resource calendar but not user calendar.
Server settingsβ
Getting startβ
Enter the
name
of integration for identification of this integration in ONES.Microsoft 365 service operator
mainly isMicrosoft
.21Vianet
is for Mainland China client.
Create App registrationsβ
For retrieving the directory ID, application ID and client secret, you need to create an application registration for integration. Navigate to your Azure Portal AAD tenant's app registrations blade.
Select
App registrations
and clickNew application registration
:Enter a name for the app registration. (This is not important for the integration with ONES.)
Go to the
Overview
and copy the value:Client ID (Application ID)
andTenant ID (Directory ID)
into the corresponding fields.
Grant API Permissionβ
Go to
API Permissions
, clickAdd a permission
, selectMicrosoft Graph
Click
Delegated permissions
Select the following permissions in
Delegated permissions
and clickAdd permissions
Calendars -> Calendars.ReadWrite.Shared
openId
offline_access
Create client secretβ
After the app registration is created, go to
Certificates & secrets
Select
Client secrets
, and clickNew Client secret
.Enter a name (e.g. Offision Integration) for the client secret, and select the expire time based on your needs.
Click the
Add
button, and you can get theClient secret
immediately after creation. Please copy it at this moment and fill in the field. Otherwise you may need to recreate a new client secret.
Save and nextβ
- Click
Save and next
to continue once the information is confirmed to be correct.
Room settingsβ
Redirect URIβ
Redirect URI is for adding single-sign-on callback-link to Microsoft 365(Please also add this to the Azure Portal):
Navigate to
Authentication
, clickAdd platform
, then clickWeb
Copy the Redirect URI from the right and paste in the
Redirect URIs
in the Azure Portal AAD tenant. ClickConfigure
If you want to apply the Offision policy to O365 room, please click here for more information.
Save and nextβ
- Click
Save and next
to continue.
User settingsβ
Single sign onβ
For single sign on, you need to create ANOTHER application registration.
Navigate to your Azure Portal AAD tenant's app registrations blade.
Create an application registration for integrationβ
Select
App registrations
and clickNew application registration
:Enter a name for the app registration. (This is not important for the integration with ONES.)
Go to the
Overview
and copy the value:Client ID (Application ID)
into the corresponding fields.
Create client secretβ
After the app registration is created, go to
Certificates & secrets
Select
Client secrets
, and clickNew Client secret
.Enter a name (e.g. Offision Integration) for the client secret, and select the expire time based on your needs.
Click the
Add
button, and you can get theClient secret
immediately after creation. Please copy it at this moment and fill in the field. Otherwise you may need to recreate a new client secret.
Redirect URIβ
Back to the setting on the right, Redirect URI is for adding single-sign-on callback-link to Microsoft 365(Please also add this to the Azure Portal).
Navigate to
Authentication
, clickAdd platform
, then clickWeb
Copy the Redirect URI from the right and paste in the
Redirect URIs
in the Azure Portal AAD tenant. ClickConfigure
Othersβ
You can set-up the default user groups in ONES for adding newly synchronized users.
You can select
Pager
in user account as the card number of user in ONES.You can set the
Login button name
in the login page.Click
Save and close
.