Obtaining a Client and Tenant ID for a Microsoft 365 Migration

With an email migration to or from Microsoft 365, we only support Modern Authentication for Microsoft 365 endpoints used for Mailbox, Online Archive mailbox, and Public Folder migrations. Modern Authentication provides a more secure authentication mechanism for registered applications to connect to Microsoft Entra ID and Microsoft 365. 

Microsoft's documentation explains enabling and disabling Modern Authentication for Exchange Online.

Registration and Configuration

Important

Below the steps, please find corresponding images representing each step or a group of steps.

  1. Log in to the Microsoft Entra admin center with a Global Administrator login.
  2. Click View all products and select Microsoft ID (Azure AD) in the Microsoft Entra Admin Center.
  3. In the left sidebar, open the Applications dropdown list and select App Registrations, which is found under Identity.
  4. Select New Registration at the top of the screen.

    New App Office 365
  5. Give the app a distinct name. You can change this later if necessary.
  6. Select the Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multi Tenant) radio button.
  7. Under Redirect URI (optional), select Public client/native (mobile & desktop) and set it to urn:ietf:wg:oauth:2.0:oob
  8. Click Register.
    Microsoft 365 App Name
  9. In the Overview tab, you will find the Application (client) ID and the Directory (Tenant) ID.
  10. Copy both of these to another application, such as Notepad, for use later in this process.
    Authentication Settings
  11. Under the Manage menu, select Authentication.
  12. Set the option Allow public client flows to Yes
  13. Click Save.
    Add Permissions
  14. From the Manage menu, select API permissions.
  15. If an API permission is named User.Read under Microsoft Graph is already present, this can be removed. The Microsoft Graph API does not apply to this project type and is not used.
  16. Click Add a Permission.
    API Permissions
  17. Select APIs my organization uses.

  18. Scroll down or search for the following permissions Office 365 Exchange Online.
    Request API permissions

  19. Select Delegated Permissions.

  20. Select EWS.

  21. Check the box under EWS for EWS.AccessAsUser.All.
  22. Click Add Permissions. This permission only allows the OAuth application (MigrationWiz) to be associated with EWS.

    Important

    This does not grant access to all mailbox data.
    Request API permissions
  23. Click Grant admin consent.
    Grant Permissions
  24. Click Yes to confirm the settings. Under the Status column, you should see a message that permission has been granted for the domain.
  • 135 gebruikers vonden dit artikel nuttig
Was dit antwoord nuttig?

Gerelateerde artikelen

I am unable to log in to Webmail

If you are still unable to access Webmail, try the following troubleshooting steps: Verify the...

Webmail keyboard shortcuts

When you login to Webmail, your premium webmail account includes various keyboard shortcuts....

Moving an Email into a Folder

To move an email into another folder, click and drag the email from the email list to a folder in...

How can I access Webmail settings?

You can access Webmail settings of your Premium Email account by logging into Webmail:...

Renaming a Folder

To rename a folder with Webmail, follow the directions below:1. Right-click on the email folder...