Configuring MS Graph OAuth Provider

These per-requisites are required before you configure MS Graph OAuth Provider:

  • Azure Account

    Access to an Azure account with permissions to create and manage Azure App registrations. This task is typically managed by the IT Team.

  • Microsoft 365 Account

    An account with permissions to access emails (current) and other relevant Microsoft Graph resources (future).

  • RPA Mastermind

    Authentication and Token Management with Azure App to interact with MS Graph resources (related to emails).

  • RPA Studio installed.

Configuring MS Graph OAuth Provider includes these steps:

  1. Azure App Registration
    1. Log on to the Azure portal (https://portal.azure.com/).
    2. Navigate to Azure Active Directory.
    3. Click App registrations > New registration.
    4. Navigate to Create app > Manage > Authentication > Add a platform.
    5. Select Mobile and Desktop Application.
    6. Specify a name for your application.
    7. Select Accounts in this organizational directory only account or any other appropriate account.
    8. Specify the Redirect URI.
      Note: The Redirect URI can be copied from the API Gateway > Applications > RPA OAuth provider page.
    Note: You must make a note of the Application (Client) ID, Directory (Tenant) ID, and generate a Client Secret
  2. MS Graph Permissions
    1. Navigate to Azure App registration.
    2. Click API permissions.
    3. Click Add a permission > Microsoft Graph.
    4. Select the required permissions with appropriate scope for email automation For example, Mail.Read, Mail.ReadWrite, Mail.Send and so on.
    5. Grant admin consent.
  3. RPA Mastermind Configuration
    1. Log on to RPA Mastermind.
    2. Click Settings > OAuth Provider on the Configuration page.
    3. Click Add Oauth Provider and add Microsoft Office 365 application.
    4. Specify the information ( Application (Client) ID, Directory (Tenant) ID, and Client Secret) displayed when registering the Azure App .
    5. Specify the Redirect URL.
      Note: The Redirect URL can be copied from the API Gateway > Applications > RPA OAuth provider page.
    6. Select the required API Permissions for Mail service. Possible values:
      • Mail.Read
      • Mail.ReadWrite
      • Mail.Send
      • Offline_Access
      • User.Read
    Note: Additionally, you must also authorize the RPA application to perform action on your behalf. See, Authorize user for details.