Implement an Org Level token for O365

Setting up an Org Level token eliminates the need for each user to grant permissions for TonicDM to access their Office 365 mailbox.

Updated over 5 months ago

In Microsoft Entra, under App Registrations add a New Registration.

Call the App TonicDM Office365 Token and click Register.
Note: for "Who can use this application or access this API?" leave the default selection (Single Tenant) and do not add a Redirect URI.

Make a note of the Application (client) ID and Directory (tenant) ID.

Create the permissions for TonicDM to access your Office 365

Go to (1) API Permissions and (2) Add a permission. Choose the (3) Microsoft Graph permission set, then (4) Application Permissions.

In the (5) Select Permissions box

  • enter "Mailbox" and turn on the MailboxSettings.ReadWrite checkbox

  • then enter "Mail" and turn on the Mail.ReadWrite checkbox

  • then enter "User.Read" and turn on the User.Read.All checkbox

Click (7) Add permissions.

This results in 4 permissions listed. You can remove User.Read if you like.

(8) Grant Admin Consent

Create a Secret

Go to (1) Certificates and secrets and (2) add a new Client Secret.
Enter TonicDM Office365 Secret for the description and choose 24 months for the expiry. Make a note of the Value and Expiry Date of the newly generated secret.

Go to TonicDM on the Web

You must be one of your organization's TonicDM administrators to complete this step.

Go to the Organization Settings page and scroll down to "Security Set Up".

Enter the following values into the fields:

  • from the Certificates & secrets page: App Secret and Expiry Date

  • from the Overview page: Application (client) ID and Tenant ID

Click "Go" to activate the organization-level token.

Sometime before the secret expires, you'll need to generate a new secret, then enter the new secret and its new expiry date into Security Set Up.
