Skip to main content
Skip table of contents

Microsoft Exchange Online Setup

It is first needed to set up Microsoft Exchange Online in Microsoft Azure, and then configure it in MyQ.

Microsoft Exchange Online setup in Microsoft Azure

  1. Log in to the Microsoft Azure portal and go to App registrations.

    MS Azure - App registrations
  2. Create a New registration:

    Creating a new registration
  3. Create a multitenant app:

    1. Name - The name for this application (this can be changed later). For example, MS Exchange Online. It is important to use the same name as the one used in MyQ under External Systems

    2. Supported account types - Who can use this application or access this API? Select the Accounts in any organizational directory (Any Azure AD directory - Multitenant) option.

    3. Redirect URI (optional) -  The authentication response is returned to this URl after successfully authenticating the user. Select the Public client/native (mobile&desktop) option from the drop-down and fill in https://login.microsoftonline.com/common/oauth2/nativeclient as the redirect URI.

    4. Click Register.

      MS Azure - new app registration properties
  4. The new app overview page opens. Copy the Application (client) ID and the Directory (tenant) ID, as they are needed for the connection to MyQ.

    MS Azure - new app overview
  5. On the left-hand menu, click Manifest and modify and Save the JSON with the following:

    CODE
    "allowPublicClient": true,
        "replyUrlsWithType": [
            {
                "url": "https://login.microsoftonline.com/common/oauth2/nativeclient",
                "type": "InstalledClient"
            }
        ],
        "requiredResourceAccess": [
            {
                "resourceAppId": "00000003-0000-0000-c000-000000000000",
                "resourceAccess": [
                    {
                        "id": "258f6531-6087-4cc4-bb90-092c5fb3ed3f",
                        "type": "Scope"
                    },
                    {
                        "id": "d7b7f2d9-0f45-4ea1-9d42-e50810c06991",
                        "type": "Scope"
                    },
                    {
                        "id": "652390e4-393a-48de-9484-05f9b1212954",
                        "type": "Scope"
                    },
                    {
                        "id": "7427e0e9-2fba-42fe-b0c0-848c9e6a8182",
                        "type": "Scope"
                    }
                ]
            }
        ],
    
  6. On the left-hand menu, click Authentication. In Advanced settings, under Allow public client flows, select Yes next to Enable the following mobile and desktop flows, and then click Save at the top.

    MS Exchange Online authentication settings
  7. On the left-hand menu, click API permissions and add the additional permissions required for the correct functionality, described in the table below.

API permissions

Scope ID

Description

7427e0e9-2fba-42fe-b0c0-848c9e6a8182

Microsoft Graph: offline_access

Allows the app to see and update the data you gave it access to, even when you are not currently using the app. This does not give the app any additional permissions.

e1fe6dd8-ba31-4d61-89e7-88639da4683d

Microsoft Graph: User.Read

Sign in and read user profile

652390e4-393a-48de-9484-05f9b1212954

Microsoft Graph: IMAP.AccessAsUser.All

Allows the app to read, update, create and delete email in your mailbox. Does not include permission to send mail.

d7b7f2d9-0f45-4ea1-9d42-e50810c06991

Microsoft Graph: POP.AccessAsUser.All

Allows the app to read, update, create and delete email in your mailbox. Does not include permission to send mail.

258f6531-6087-4cc4-bb90-092c5fb3ed3f

Microsoft Graph: SMTP.Send

Allows the app to send emails on your behalf from your mailbox.

 

Microsoft Exchange Online setup in MyQ

  1. Log in to the MyQ web administrator interface, and go to MyQ, Settings, External Systems.

  2. In the External Systems section, click +Add and select Microsoft Exchange Online from the list.

    Adding MS Exchange Online in External Systems
  3. In the pop-up window, fill in the required fields:

    1. Title - add the name you chose during App registration in MS Azure; for example, MS Exchange Online.

    2. Client ID - the Application (client) ID you copied during the MS Azure setup.

    3. Tenant ID - the Directory (tenant) ID you copied during the MS Azure setup.

  4. Click OK.

    Microsoft Exchange Online setup in MyQ
  5. After setting up the external system in MyQ, you are requested to confirm a code through the Microsoft website (https://microsoft.com/devicelogin). The code you need to confirm is shown in the pop-up window, just below the link to the Microsoft website. There is timeout for confirming the code (usually it is 15 minutes).

    Microsoft Exchange Online code pop-up

The email functionality will not work until the confirmation is successfully completed.

This confirmation must be done with the Microsoft account that owns the email box (email address), which is used to connect to the exchange (Sender email in the MyQ, Settings, Network tab).

For example, if you use the sender email “print@somedomain.com”, then you need to authenticate on the Microsoft website as this user during this step.

Microsoft Exchange Online is now connected to MyQ and is ready to be used in the Network settings tab, as an Outgoing SMTP server and in the Jobs settings tab, in Jobs via Email as a POP3 or IMAP server.

Additional Settings

Send scan as the logged-in user

If MyQ is set to send scans as the logged-in user in MyQ, Settings, Scanning & OCR - Default settings of an email with scan - Sender, the mailbox authenticated in MyQ has to have a Send As permission for all users.

  1. Log in to Exchange admin center.

  2. Go to Mailboxes, select all users.

  3. Click on “Mailbox delegation”.

  4. Select the mailbox that has been authenticated in MyQ when the Exchange Online connector was created (you can find it in Settings - Connections).

  5. Choose "Send as" permission.

    Choosing the send as permission
  6. Click Save.

Your selected mailbox for outgoing emails has now been assigned the rights to send scanned documents on behalf of the user who scanned them.

If you select to send emails as the default sender, this change is not required.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.