Configuring with Delegated Permissions
To configure with delegated permissions:
- Logon to RPA Mastermind.
- Click page.
- Click and add Microsoft Office 365 application
- Select .
- Specify the information ( Application (Client) ID, Directory (Tenant) ID) displayed when registering the Azure App
- Specify the TenantId in the Auth Host field. For example, https://login.microsoftonline.com/ %20%3CTenantId%3E/oauth2/v2.0/.
Note: TheTenantId (also known as DirectoryId) is displayed in the overview section of the Azure app. Replace “%3CTenantId%3E” with TenantId or DirectoryId
- Specify the Redirect URL.
Note: The Redirect URL must match the URL configured in the Mobile and desktop applications section of the Azure App Registration on the Authentication page. For RPA, use the redirect URI provided on the RPA Management OAuth Provider configuration page, which can be copied from the API Gateway Applications menu for the RPA OAuth Provider. Ensure that the value configured in Azure exactly matches the RPA configuration, including trailing slashes.
- Select the required API Permissions to enhance security. Possible values:
- ForMail service
- Mail.Read
- Mail.ReadWrite
- Mail.Send
- Offline_Access
- User.Read
Note: The offline_access scope is required for delegated permissions to enable token refresh. Without this scope, the system cannot obtain refresh tokens, and users must reauthorize frequently. The User.Read permission is required to retrieve the signed-in user’s profile information during the authorization flow.
- Mail.Read.Shared
- Mail.ReadWrite.Shared
- Mail.Send.Shared
- ForFiles or one drive access
- Files.Read
- Files.Read.All
- Files.ReadWrite
- Files.ReadWrite.All
- Sites.Read.All
- Sites.ReadWrite.All
- ForMail service