> ## Documentation Index
> Fetch the complete documentation index at: https://docs.refold.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Setup

> Connect to your Microsoft 365 app for OAuth.

To setup your Microsoft 365 app in Refold for OAuth, you will need the following credentials from your [Microsoft Azure account](https://azure.microsoft.com/en-gb/):

* Client ID
* Client Secret
* Scopes

### Pre-requisites

1. Microsoft Azure Account. You can create one [here](https://azure.microsoft.com/en-gb/).

### Required Settings

* **Mandatory Scopes**

1. User.Read
2. offline\_access
3. User.ReadBasic.All
4. User.ReadWrite
5. Directory.Read.All
6. Directory.ReadWrite.All
7. User.Read.All
8. User.ReadWrite.All
9. Group.Read.All
10. Group.ReadWrite.All
11. Mail.Read
12. Mail.ReadWrite
13. Calendars.Read
14. Calendars.ReadWrite

<Info>If you haven't already created an app in Microsoft Azure, you'd need to create one.</Info>

### Creating an app in Microsoft Azure

To create a Microsoft 365 app and acquire the above mentioned credentials, please follow the steps mentioned below:

1. Log in to your [Microsoft Azure account](https://azure.microsoft.com/en-gb/).
2. Search for **Microsoft Entra ID** and select it from **Services** in the top search bar.

<img height="200" src="https://mintcdn.com/cobalt-55/wOGvLSncBaYd4o6C/images/Ms365/ms365_navigation.png?fit=max&auto=format&n=wOGvLSncBaYd4o6C&q=85&s=15504278a7f8cda14af4d9d3c861b1df" alt="Navigation for App setup" data-path="images/Ms365/ms365_navigation.png" />

3. Navigate to `Overview` in the side menu > Click on `+Add` > Select `App Registration`.
4. Enter the App **Name** for your application and select `Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant)` under **Supported Account Types**.
5. Go to your [`Apps catalog`](https://app.gocobalt.io/apps) in **Refold** > Search for `Ms365` > `Settings` > `Use your credentials` > `Callback Url` > Copy it.
6. Under the **Redirect URI** section, select **Platform** as `Web`, paste the **Callback Url** as the URL and click `Register`.

<img height="200" src="https://mintcdn.com/cobalt-55/wOGvLSncBaYd4o6C/images/Ms365/ms365_register.png?fit=max&auto=format&n=wOGvLSncBaYd4o6C&q=85&s=ff9aab22079ed239a93eb1201c9b2f6c" alt="App Registration" data-path="images/Ms365/ms365_register.png" />

<Info>
  If you already have an app created, then follows these steps to add Redirect URL:

  Select your Application > Select **Authentication** in side menu > Under **Platform configurations**, press the  **Add a platform** button > Select **Web** > Paste the Callback Url > Click on **Configure** > Click **Save** button at the bottom.
</Info>

7. Navigate to `Manage` > `API permissions` in the side menu > Click on `+ Add a permission`.
8. Choose the `Microsoft Graph` card under **Microsoft APIs** > Choose `Application permissions` > Select the **mandatory scopes** > click on the `Add Permissions` button.
   <Info>**Offline\_access** scope will be present under **Delegated permissions** in **Microsoft Graph**</Info>

<img height="200" src="https://mintcdn.com/cobalt-55/0IGKzTphHY-auv_h/images/Ms365/ms365_config.png?fit=max&auto=format&n=0IGKzTphHY-auv_h&q=85&s=e6832d70586c9c024c19f68e456b27be" alt="Setting up Microsoft 365 Developer app" data-path="images/Ms365/ms365_config.png" />

9. Navigate to `Certificates and Secrets` in the side menu and under **Client Secrets** tab, press the `+ New client secret` button. Give a **Description**, select the best expiry for your application and click `Add` to create your credentials.
10. Copy the displayed **Client Secret** under the `Value` column.

<img height="200" src="https://mintcdn.com/cobalt-55/0IGKzTphHY-auv_h/images/Ms365/ms365_credentials.png?fit=max&auto=format&n=0IGKzTphHY-auv_h&q=85&s=7944a19fea4a8b5e28f5ad596557d72f" alt="Getting Client Secret" data-path="images/Ms365/ms365_credentials.png" />

11. Navigate to `Overview` in the side menu > `Essentials` tab > Copy the **Client ID** under `Application (client) ID`.

<img height="200" src="https://mintcdn.com/cobalt-55/0IGKzTphHY-auv_h/images/Ms365/ms365_id.png?fit=max&auto=format&n=0IGKzTphHY-auv_h&q=85&s=2796109cad9d645e38eae3969d2f6f18" alt="Getting Client ID" data-path="images/Ms365/ms365_id.png" />

#### Configuring credentials in Refold

App settings page lets you configure the authentication settings for an `OAuth2` based application. For your customers to provide you authorization to access their data,
they would first need to install your application. This page lets you set up your application credentials.

<img height="200" src="https://mintcdn.com/cobalt-55/0IGKzTphHY-auv_h/images/Ms365/ms365_cobalt.png?fit=max&auto=format&n=0IGKzTphHY-auv_h&q=85&s=f253dfc2a54bc4c459463402262cba7d" alt="Setting up application client credentials" data-path="images/Ms365/ms365_cobalt.png" />

Provide the acquired Client ID and Client Secret under Settings of the app and save it.

#### Configuring Scopes

Refold lets you configure what permissions to ask from your users while they install your application. The scopes can be added or removed from the App settings page, under `Permissions & Scopes`
section.

For some applications Refold sets **mandatory scopes** which cannot be removed. Additional scopes can be selected from the drop down. Refold also has the provision to add any
custom scopes supported by the respective platform.

<img height="200" src="https://mintcdn.com/cobalt-55/wOGvLSncBaYd4o6C/images/Ms365/ms365_scopes.png?fit=max&auto=format&n=wOGvLSncBaYd4o6C&q=85&s=97b3a07900ba0dd78ce218feb72c469f" alt="OAuth Scopes" data-path="images/Ms365/ms365_scopes.png" />

Once the scopes has been added to the application in Refold, go to your [Microsoft Azure account](https://azure.microsoft.com/en-gb/) and update the scopes as added on Refold.

Select the OAuth App created for Refold and follow **Step 7** and **8** [above](https://docs.gocobalt.io/resources/integration-providers/ms_365#creating-an-app-in-microsoft-azure).

<Warning>
  If you are facing scopes missing or invalid scope error. Make sure you are not passing any custom scope not supported by the platform. And, the scopes selected here are
  identical to the ones selected in the platform.
</Warning>

#### Actions and triggers

Once the above setup is completed, you can create orchestrations of your use-cases using Microsoft 365 actions and triggers. Following are the set of Microsoft 365 actions and triggers
supported by Refold.

<Tabs>
  <Tab title="Actions">
    <AccordionGroup>
      <Accordion title="User Activity">
        1. **Get users' activity report** - Get all users' activity(optional filter by userPrincipalName) of a org for a time interval in Microsoft 365.
        2. **Get users' activity statistics** - Get all users' activity statistics in Microsoft 365.
      </Accordion>

      <Accordion title="Users">
        3. **Get users with PlanName** - Get users with PlanName in Microsoft 365.
        4. **Get all users** - Get all users of an org in Microsoft 365.
      </Accordion>

      <Accordion title="Others">
        5. **HTTP Request** - Make HTTP API calls to any Microsoft 365 documented REST APIs.
      </Accordion>
    </AccordionGroup>
  </Tab>

  <Tab title="Triggers">
    There are no triggers in this application.
  </Tab>
</Tabs>