Why do I need Exchange Online API Authentication?
The Exchange Online API is used in place of the Microsoft Graph API for actions not yet exposed by M365 such as:
Engage
Converting a mailbox to shared
Giving a user access to another's OneDrive
Retrieving and removing email alias's
Removing delegate permissions from a user
Secure
DLP Policy audit
Self-service password reset
Password Reset Notification
teams default external/guest access
Default Sharepoint/Onedrive settings
Azure MFA per-user
The Exchange Online API is authenticated by a Global Admin and fully supports MFA. A secure token is then generated by the endpoint to provide a permanent safe integration.
Running the script
1. In the Augmentt portal navigate to Configuration>Integrations
2. Select the customer account you wish to set up the integration for.
3. In the Microsoft 365 box, click on “Connect Exchange Online”
4. In the pop-up window, download the script
5. The script must be run in a Powershell window as Administrator privilege.
6. The script will verify if Pn.P Powershell is installed. If not, it will prompt for installation. This is required in order to perform the authentication.
7. Once the script has run, you will be prompted to register the PnP Management Shell. Use the same global administrator credentials used previously to set up the initial integration with Microsoft 365. After filling in your global admin credentials, click the box to consent on behalf of your organization, and click accept.
8. In your Powershell window you will receive a script output. Copy the entire output text including the { } brackets
9. Paste the script output into the pop-up window in Augmentt.
If there were no errors, you should get a green check and see the Exchange Online connection in Augmentt.
Troubleshooting Tips
Powershell Execution Error
Depending on your Powershell security configuration, you may receive an error regarding the file not being digitally signed.
Solution
Run "Get-ExecutionPolicy -List"
If CurrentUser's ExecutionPolicy is set to RemoteSigned, temporarily unrestrict this Powershell session by running the following
"Set-ExecutionPolicy -ExecutionPolicy Unrestricted"
In the same Powershell window, you may now execute the downloaded script.
Error when retrieving Exchange Online Tokens "Something is up on our end"
When submitting the Exchange Online Tokens, Augmentt is utilizing functions of the Microsoft Azure Management services, which does the token retrieval for your tenant. As such, policies blocking this service will cause this operation to fail.
Solution
Update any conditional access policies for your tenant which are restricting access to, or blocking access, to Exclude the "Microsoft Azure Management from the "Cloud Apps" category.
