Configure Print&Share to send emails via Office 365 (Azure)

Image

In this article we'll guide you step-by-step on how to configure Ricoh's Print&Share and Microsoft Azure to send emails via Microsoft Office 365.

This information is intended for IT administrators who have access to Microsoft Azure and who have access to the Print&Share configuration.

General

Using Print&Share it is possible to send emails via Microsoft Office 365. Office 365 is a service that runs in the Cloud on Microsoft Azure. Therefor Print&Share will need to have access to this service in Azure.

In the next steps you will configure Microsoft Azure to allow Print&Share to communicate or interact with the MS Exchange service of Office 365. After this one-time configuration in Azure is ready, the settings can be used and configured in Print&Share.

1. Configure Microsoft Azure

Note: a 'blade' is a pane that stays open in Azure. You will notice that instead of opening new dialogs, a new 'blade' opens on the right side.

  1. Navigate to the Azure Portal via https://portal.azure.com and login with an administrator account of your organisation.
    (You will need to have sufficient permissions to be able to configure everything).
  2. If everything is fine you will see your Azure Dashboard.
    Go to the App Registration service. This can be reached in different ways, both will result in the same information blade:
    1. Click in the left menu on Azure Active Directory and in the navigation blade click on App registrations
      Image
    2. On the top search input box, search for app registrations and select the result under Services.
      Image
  3. (depending on your permissions: to list all apps, click on the View all applications button.)
  4. Click on New application registration from the App registrations menu.
  5. In the Create form, fill in
     Name: Print&Share
     Application type: Native
     Redirect URI: https://orgdomain.extension/winking/printandshare
    
    Make sure you replace the orgdomain.extension with your information. Note that the value does not need to be a physical endpoint, but must be a valid URI.
    Image
  6. Click the Create button at the bottom. This will register an application in Azure Active Directory (AAD). You will see an Application ID, and Object ID will be generated.
  7. Click on Settings
  8. Click on Properties and fill in the Home page URL: http://www.printandshare.info.
    Click Save to save the changes and close the Properties blade.
  9. Click on Required permissions
  10. Click on Add to 'Add API access, because Print&Share needs to be able to access the Office 365 services.
  11. Click Select an API and select Office 365 Exchange Online and confirm by clicking the Select button at the bottom.
  12. Now you need to Select permissions, to say what Print&Share should be able to do.
  13. For now we'll enable the DELEGATED PERMISSIONS checkbox so that all permissions are enabled. Confirm by clicking Save.
  14. Now we have configured the permissions that Print&Share needs to connect to Exchange/Office 365. To apply these permissions to the users in the Active Directory, we need to Grant permmission. In the Required permissions blade, select Office 365 Exchange Online and click Grant permissions.
    Image
  15. You will be asked to grant the permissions for all accounts in the current directory. Confirm by clicking Yes.
    Image

2. Configure Print&Share

  1. Create a new profile Print&Share with an email channel
  2. In the Email channel configuration, click on Transport Settings
  3. Select for Transportation Method the option: Microsoft Exchange/Office 365
  4. Option Login: select OAuth
  5. Fill in the settings (see remarks at the bottom):
     Authority: https://login.windows.net/common/oauth2/authorize
     Client/App ID: <your Application ID from Azure>
     Redirect URI: <your Redirect URI from Azure>
    
  6. For the group Exchange server url select the option Specify url and use https://outlook.office365.com/EWS/Exchange.asmx
  7. Click Test settings button to see if everything is configured correctly.

NOTE:

  1. The Client/App ID can be found in Azure by navigating to:
    1. Azure Active Directory
    2. App registrations
    3. View all applications
    4. Copy the APPLICATION ID from the list, or click the Print&Share application to see more details
  2. The Redirect URI can be found in Azure by navigating to:
    1. Azure Active Directory
    2. App registrations
    3. View all applications
    4. Click the Print&Share application
    5. Click Settings
    6. Click Redirect URIs
    7. Copy the URI there. In most cases it should be similar to: https://orgdomain.extension/winking/printandshare.
  3. For the Authority we use the common OAUTH2 Authorization URL: https://login.windows.net/common/oauth2/authorize. It is possible that you will use a specific Authority URl which has this format: https://login.microsoftonline.com/<tenant>/oauth2/token The can be found by navigating to:
    1. Azure Active Directory
    2. Properties
    3. Copy the Directory ID GUID. Instead of a GUID, Microsoft seems to also accept your <orgdomain>.onmicrosoft.com in the URL like: https://login.microsoftonline.com/<orgdomain>.onmicrosoft.com/oauth2/token Another way to find the Authority URL is by navigating to:
    4. Azure Active Directory
    5. App registrations
    6. Click View all applications
    7. Click Endpoints at the top menu
    8. Copy the OAUTH 2.0 TOKEN ENDPOINT URL.

Remarks

Normally it should be possible to register a new application directly via the Microsoft Application Registration Portal, which can be found via https://apps.dev.microsoft.com. However we have found that this service is often unavailable. Using the Azure Portal works better but is a bit more overwhelming at the beginning.

You are receiving this message:

clientAppDisplayName needs permission to access resources in your organization that only an admin can grant. Please ask an admin to grant permission to this app before you can use it It is very likely that you forgot to Grant permissions for Office 365 Exchange Online in Azure.

See also