Microsoft 365 Authentication Configuration Section

EDG uses the Microsoft Graph api to integrate taxonomy and corpus collections. The EDG application must be registered on the Microsoft identity platform. The permissions required are:

  • Sites.Read.All - always required

  • TermStore.ReadWrite.All - required for taxonomy integration

  • Files.ReadWrite.All - required for corpus integration

You must configure the authentication credentials that EDG will use for access. EDG is able to use the OAuth 2.0 client credentials flow or OAuth 2.0 Resource Owner Password Credentials. Which one is used depends on the configuration fields provided.

To use OAuth 2.0 client credentials flow (prefered) enter the these values:

  • Registered Application ID

  • Tenant ID

  • Client Secret

To use OAuth 2.0 Resource Owner Password Credentials enter these values:

  • Registered Application ID

  • Service account user name

  • Service account password

These values will be provided when your Microsoft 365 administrator registers EDG. When using Resource Owner Password Credentials the service account used must have multi-factor authentication disabled.

Note

Changes to these settings require a server restart to take effect.

Parameter

Description

Registered Application ID

The application id generated when the EDG application was registered in Azure.

Tenant ID

The id of tenant that the EDG application was registered in.

Client Secret

This field is editable only if the Registered Application ID and Tenant ID fields are set.

Service account user name

The user name for the service account used to authenticate Microsoft 365 service requests (e.g. Microsoft Graph API).

Service account password

This field is editable only if the Registered Application ID and Service account user name fields are set.

See Also

Further Reading on TopBraid