Authorizing Coveo Cloud to Access the Exchange Mailboxes of Your Azure AD Users

When you want to make Microsoft Exchange mailboxes of users listed in Azure Active Directory searchable, you must authorize Coveo Cloud to access the desired content.

The OAuth 2.0 protocol is a protocol used to grant access to external applications without exposing the user’s real credentials. For Coveo to connect to your Exchange users’ mailboxes, it must acquire a client ID, a client key, a Windows Azure AD Graph API endpoint, and an OAuth 2.0 token endpoint.

To authorize Coveo Cloud to access the Exchange mailboxes of your Azure AD users:

  1. Log in to the Microsoft Azure management portal with a user account that has the role to create an Azure Active Directory application.

  2. On the Azure homepage, click the Azure Active Directory service.

  3. In the navigation menu, select App registrations.

  4. Click New registration, and then follow the Microsoft Azure documentation on how to create an application.

    Your application must be of type Single tenant.

  5. On your application page, copy your Application (client) ID and your Directory (tenant) ID, as you will need them when configuring your Exchange Enterprise source.

  6. Click Endpoints, and then copy the OAuth 2.0 Token Endpoint (V1) endpoint, as you will need it when configuring your Exchange Enterprise source.

  7. In the navigation menu, select API permissions.

  8. On the API permissions page, click Add a permission.

  9. In the Request API permissions panel that opens, under Supported legacy APIs, click Azure Active Directory Graph.

  10. Select the Application permissions type.

  11. Under Select permissions, in the Directory category, check the Directory.Read.All (Read directory data) box, and then click Add permissions.

  12. Back on the API permissions page, click Grant admin consent for [Application name], and then, in the confirmation prompt, click Yes.

  13. In the navigation menu, select Certificates & secrets.

  14. On the Certificates & secrets page, click New client secret to create a client secret. Upon successful configuration, your key Value appears. Copy this value, as you will need it when configuring your Exchange Enterprise source.

    The key value is only displayed once and isn’t retrievable afterwards.

What’s Next?

In the Coveo Administration Console, add an Exchange Enterprise source (see Add or Edit an Exchange Enterprise Source).

Recommended Articles