OAuth 2.0 for Microsoft Apps

Configuring OAuth 2.0 for integrations with Microsoft apps

Many Microsoft apps (like Teams, Outlook, OneDrive, etc.) use OAuth 2.0 for authorization.

To enable OAuth 2.0 auth in your integration, you'll first need to register your app with Microsoft.

1. Open Azure Portal and create a new app registration.
2. Be sure to select Any Azure AD directory - Multi-tenant as the supported account type, so your customers (who have different Microsoft tenants) can use your integration.
3. Select Web under Platforms and add the Prismatic OAuth 2.0 callback URL as the Redirect URI. The Prismatic OAuth 2.0 callback URL for the US commercial region is https://oauth2.prismatic.io/callback. If your Prismatic tenant is in a different region or you're using a custom domain, you'll need to use the appropriate callback URL for your region or domain. See OAuth 2.0 callback URLs for more information.
4. Open Certificates & Secrets and add a new Client Secret. Note the value of the secret (not the ID!).
5. Note the Application (client) ID from the Overview page.

With your app registered, you can now configure your integration to use OAuth 2.0 using the client ID and client secret you generated.

Customizing the Microsoft OAuth 2.0 consent screen

You can customize the icon and name that appear on the OAuth 2.0 consent screen by adding a Branding & properties section to your app registration.

Microsoft OAuth 2.0 app approval

Microsoft will allow you to test your integration with your own Microsoft account, but you'll need to submit your app for approval before it can be used by other users. You can do that by adding your MPN ID under the Branding & properties section of your app registration.