1. Haiilo Support Center
  2. Add-ons & integrations
  3. Microsoft

Microsoft Integration: Setup

In order to be able to use the functions of the Microsoft integration to the full extent, the basis for a login via Microsoft must first be created.

Configuration in Microsoft (Part 1)

To configure the Microsoft integration with Haiilo, you must first complete the following steps as an admin within Microsoft Azure Administration.

  1. Log in to Microsoft Azure with a Microsoft Admin account
  2. Choose the app registrations area
  3. Add a new registration
    1. Write a "Name"
    2. For "Supported account types" you choose "Accounts in any organizational directory (Any Azure AD directory - Multitenant)"
    3. Save the new app registration
  4. Copy the "Application (client) ID" and "Directory (tenant) ID" from the app registration
  5. Choose "Certificates & secrets" on the left side
    1. Create a "New client secret"
    2. Copy the client secret
  6. Choose "API permissions" on the left side
    1. Add the following API permissions with the type "Delegated"
      1. Calendars.ReadWrite
      2. Mail.Read
      3. offline_access
      4. openid
      5. Sites.Read.All
      6. User.Read

 

Note regarding the API permissions, if you don't want to assign some:

You cannot omit the permissions "offline_access" and "openid" because otherwise the integration will not work. However, you can omit the following permissions if you do not need the function of the integration:

  • Calendars.ReadWrite = Outlook sync of events
  • Mail.Read = Badge for Outlook symbol in the launchpad
  • User.Read = User login

For now, you are done with the configuration within Microsoft and now continue with configuration in Haiilo. Since you will need to access Microsoft Azure Administration again later, you should leave the tab open.

Configuration in Haiilo (Part 1)

To further configure the Microsoft integration with Haiilo, the next step is to perform the following steps as an admin within Haiilo Administration.

  1. Log in to your Haiilo with a Haiilo Admin account
  2. Click on "Administration" in the upper right corner of your profile picture
  3. Choose "Authentication" on the left side
  4. Create a new authentication providers
    1. Write a "Name"
    2. Choose "OpenID Connect" as "Type"
    3. Sets a check mark at "Active", if this new authentication provider should be activated directly
    4. Select the option "Microsoft 365 + Integration" as "Presets".
    5. Leave the option "mail" as "Mapping ID
    6. For "Client-ID" enter the "Application (client) ID" from Microsoft Azure Administration
    7. Enter the "client secret" from the Microsoft Azure Administration at "Client-Secret"
    8. For "Tenant-Id" enter the "Directory (tenant) ID" from Microsoft Azure Administration
    9. Save
  5. Edits the newly created authentication provider
    1. Copies the new automatically created "Redirect-URL"

For now, you are done with the configuration within Haiilo and now switch back to the configuration in Microsoft.

Configuration in Microsoft (Part 2)

After configuring the authentication provider in Haiilo, you will need to complete the following steps within Microsoft Azure Administration.

  1. Log in to Microsoft Azure with a Microsoft Admin account
  2. Choose the app registrations area
  3. Choose the newly created app registration
  4. Choose "Authentication" on the left side
    1. Choose "Add a platform"
    2. Choose "Web" for "Web applications"
    3. Enter the previously created redirection URL from Haiilo under "Redirection URIs"
    4. Save

Now you are done with the configuration within Microsoft and switch back to the configuration in Haiilo.

Configuration in Haiilo (Part 2)

After the last configuration in Microsoft, you need to perform the following steps within Haiilo Administration.

  1. Log in to your Haiilo with a Haiilo Admin account
  2. Click on "Administration" in the upper right corner of your profile picture
  3. Choose "System settings" on the left side
    1. In the "Activate integration" option, select the "Microsoft 365" option
    2. Saves the system settings
  4. Selects "User management" from the left menu
    1. Selects the "Roles" tab
    2. Edit one of your roles
    3. Activate the permission "Activate Microsoft 365" in the "Integrations" area
    4. Save the role

From now on, all users who have this role and log in via Microsoft can access the functions of the Microsoft integration.

To do this, they still have to ensure the requested access through Microsoft when logging in with Microsoft.

Was this article helpful?