Auth 2.0 Access Tokens

Hello, we are working on setting up Auth2.0 for email replies/monitors, and our Exchange admins followed these articles:

  • https://solutions.teamdynamix.com/TDClient/1965/Portal/KB/ArticleDet?ID=105410
  • https://solutions.teamdynamix.com/TDClient/1965/Portal/KB/ArticleDet?ID=20961

We have the clientID and clientSecret generated, but we are not quite sure what is meant by:

"Click on the Generate button beside the Access Token field to visit the OAuth 2.0 authorization endpoint where you will be prompted for your credentials in the external system and authorize access for the provided scopes"

Can you elaborate on this endpoint, and does the Exchange Admin need to do any additional configuration to generate the Access tokens?  Are these just Bearer tokens?

Thanks
Tevis

Asked by Tevis Boulware on Mon 5/2/22 1:16 PM
Sign In to leave feedback or contribute an answer

Answer (1)

This answer has been marked as the accepted answer
Mark Sayers Mon 5/2/22 1:27 PM

Hello Tevis,

That is a button within the TDAdmin configuration page for an authentication account, it simply takes you to the exchange sign in page to allow you to sign in using the credentials of the email account you wish to be monitoring. When you sign in and grant TDX access, it will generate access and refresh tokens for the auth account to use for monitoring purposes.

2 of 2 users found this helpful.
Mark, thanks for the quick response. If we are using a serviceportal@uoregon.edu for email replies, then this would be the account we would sign into for the Access Tokens (that is actually what I thought it was)?

That said, the account (serviceportal@uoregon.edu) account must be an Office365 account. Is that correct? - Tevis Boulware Mon 5/2/22 1:32 PM
Yes, and yes. It must be an O365 account if you intend to use an OAuth 2.0 (the non-IMAP version) auth account. - Mark Sayers Mon 5/2/22 1:36 PM
Mark, can you review the following screen capture and let me know what we are doing "wrong". If we can't identify the issue from the screen capture, can we set up another quick meeting with the support team?

https://www.screencast.com/t/OwnQUTVWAxd

Thanks, Tevis - Tevis Boulware Tue 5/3/22 4:08 PM
Where did your administrator obtain the value for the Client ID field in Azure? Are you able to provide a screen shot of that page? We likely need to move this to a support ticket though as this is a public forum and you may not wish to share anything that shows the inside of your Azure system out here. - Mark Sayers Tue 5/3/22 4:12 PM
Hi Mark, this was a mistake on our part. When the Administrator created the Azure App Registration, four ID where created and we were using the incorrect Client ID. I suggest in the KB article:

https://solutions.teamdynamix.com/TDClient/1965/Portal/KB/ArticleDet?ID=105410

That a note be added to ensure that the ApplicationID should be used for the ClientID.

Thanks, Tevis - Tevis Boulware Wed 5/4/22 12:06 PM