Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Outlook O365 migration from Onprem

HariMR
Level 4

‎09-11-22 01:46 PM

Need your help here 
In one of our engagements migration activity is going on . The client has moved from Outlook 2013 to O365.
The authentication is now modern authentication. As part of this we need to get the authentication by using tokens. we already have the following details
App (client) ID:
Object ID:
Directory (tenant) ID:
Secret value:
Secret ID:
please help how we need to set Msal , Is any setting needs to be done in WebAPI services under system tab?

------------------------------
Hari MR
Developer
EY
Europe/London
------------------------------
0 Likes
22 REPLIES 22

ewilson
Staff
Staff

‎09-11-22 02:30 PM

Hello @Hari MR,

The MSAL connector, available from the DX, is implemented as a VBO. It uses Code stages to communicate with Microsoft as opposed to a Web API in Blue Prism. Given the details you said you already have you should be good to go on using the VBO's Get Auth Token - Client Secret action to request an access token. You can then use that token with the other MS Graph-based connectors on the DX like the Microsoft 365 - Outlook VBO.

Cheers,


------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------

HariMR
Level 4
In response to ewilson

‎09-11-22 06:59 PM

Thanks Eric,

Checked it , but showing as a dll missing and didn't find that dll to download.

Page: Initialise
Stage: Stage1
Type: Error
Action: Validate
Description: Compiler error at top section line -9: Metadata file 'Microsoft.Identity.Client.dll' could not be found
Repairable: No


------------------------------
Hari MR
Developer
EY
Europe/London
------------------------------
0 Likes

ewilson
Staff
Staff
In response to HariMR

‎09-11-22 07:27 PM

@Hari MR,

Did you download the MSAL.NET VBO from the Digital Exchange?​ If so, it should have been delivered as a .zip file. The Microsoft.Identity.Client.dll file is included in the zip.

21102.png
Cheers,


------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------
0 Likes

HariMR
Level 4
In response to ewilson

‎10-11-22 08:53 AM

Thank you Eric, 
I found the dll and placed it and able to generate the token 🙂
Now I am using Microsoft 365Outlook VBO for sending the mail, but I didn't find any option to pass the generated token in the  input parameters.
Also if I give outlook profile in Mailbox id will it work.

21111.png

------------------------------
Hari MR
Developer
EY
Europe/London
------------------------------
0 Likes

ewilson
Staff
Staff
In response to HariMR

‎10-11-22 11:53 AM

Hi @Hari MR,

I led you astray. You don't have to call the MSAL.NET VBO directly yourself to use the Microsoft 365 - Outlook VBO. You just need to call the Authenticate action on the Outlook VBO. ​That action calls the MSAL.NET VBO internally, and it will select the appropriate authentication action based on the credentials that you pass into it. So, if you call it with Client ID and Client Secret, it will invoke the Get Auth Token - Client Secret  action on the MSAL.NET VBO.

The access token will not be returned to you though. It will be stored within the Outlook VBO in a global variable (defined on the Initialise tab) and referenced internally by any of the other actions.

As far as Mailbox ID is concerned, that needs to be set the email address of the mailbox (ex. john.doe@xyz.com) or the unique ID of the user within Azure AD (i.e. it's a value similar to a UUID). I find that the email address is the easiest route to take.

Cheers,

------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------
0 Likes

HariMR
Level 4
In response to ewilson

‎10-11-22 12:41 PM

Thanks Eric,
I can see the access token generated in the initialize page 
21124.pngbut when I use send mail functionality to send mail, it is throwing error as access token empty., but the token is there in the initialize page. Getting confused. here
21125.png

------------------------------
Hari MR
Developer
EY
Europe/London
------------------------------
0 Likes

ewilson
Staff
Staff
In response to HariMR

‎10-11-22 01:21 PM

@Hari MR
​,

I've seen this behavior before. The issue is that you have an old version of the Utility - HTTP VBO installed. About 16 - 24 months ago we released an update to the HTTP VBO that added support for bearer tokens. You just need to get the latest version of that VBO. You can find it at the link below:

https://digitalexchange.blueprism.com/dx/entry/3439/solution/utility---http

Cheers,

------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------
0 Likes

HariMR
Level 4
In response to ewilson

‎10-11-22 06:51 PM

Thankyou very much Eric. That worked.
The response that I am getting for send mail is some thing like this. 
" 403 Forbidden error"  that I believe is some permission they have to give in Microsoft Azure. 



------------------------------
Hari MR
Developer
EY
Europe/London
------------------------------
0 Likes

ewilson
Staff
Staff
In response to HariMR

‎10-11-22 07:14 PM

@Hari MR,

That could be the case. They need to verify the App Registration, which the Client ID is associated with, includes the Mail.Send permission and/or Mail.Send.Shared if trying to send from a shared mailbox.

Cheers,


------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------
0 Likes