To use Outlook and SharePoint features in ZenContract, you need to complete a two-step setup process. The first step is to create an Azure application in Microsoft Entra ID (formerly Azure Active Directory). Once this is done, all ZenContract users in your organization can sign into Microsoft Office 365 within ZenContract.
This article will guide you through the steps to create the Azure application. At the bottom of this article, you can find a link to another article that provides instructions on how to sign into Microsoft Office 365 within ZenContract.
Step 1: Register an Azure Application
- Log in to Microsoft Entra using an account with global admin privileges.
- Navigate to Applications / App Registrations.
- On the App Registrations page, click the "New Registration" button.
- On the New Registration page, provide a name for your application, such as "ZenContract."
- In the "Supported Account Types" section, select "Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant)".
- In the "Redirect URI" section:
- Select "Web" in the "Select a platform" dropdown.
- Enter
https://my.zencontract.com/edge/Account/AzureToken
into the URI field.
- Click the "Register" button to create the application.
Step 2: Authentication Setup
- Open the Azure application you created in Step 1.
- On the Overview tab, copy the "Application (Client) ID" and "Directory (Tenant) ID" and save them for use in Step 6.
- Navigate to the Authentication tab.
- In the "Front-Channel Logout URL" field, add the following link:
https://my.zencontract.com/system/user
. - In the "Implicit Grant and Hybrid Flows" section, enable the "Access Token" checkbox.
- Click the "Save" button to save the changes.
Step 3: Client Secret
- Navigate to the "Certificates & Secrets" tab.
- Click the "New Client Secret" button.
- Add a description for the client secret, e.g., "ZenContract integration" and choose an expiry for the secret.
- It is important to note that once your client secret expires, you will need to generate a new one. To avoid any issues in ZenContract, we kindly advise you to set a reminder on your calendar to create a new client secret ahead of the expiry date. Please note that we are unable to send you a notification regarding the expiry of client secrets.
- Click the "Add" button to create the client secret.
- Once the client secret is created, copy the "Client Secret Value" and save it for use in Step 6. Please note that the secret 'Value' can only be viewed immediately after creation.
IMPORTANT: please copy the VALUE (highlighted in the screenshot above) and not the ID.
Step 4: Add API Permissions for Office 365
- Navigate to the "API Permissions" tab.
- Click the "Add a Permission" button.
- Select "Microsoft Graph API."
- Click "Delegated Permissions" and enable the permissions listed below. You can use the "Search Permissions" field to find them more easily.
- Mail.Send
- offline_access
- Sites.ReadWrite.All
- Click the "Add Permission" button at the bottom of the page to add the permissions.
Step 5: Grant Admin Consent for Azure Application
- In the "API Permissions" tab, click the "Grant admin consent" button. Once granted, you should see green check marks in the status column for each permission.
Step 6: Enter Details into ZenContract
- Log in to ZenContract.
- Click on "Admin/Settings" from the menu.
- Navigate to the "Integrations" tab and select "Microsoft Azure" on the left.
- Enter the Azure Client ID and Azure Tenant ID from Step 2 and the Azure Client Secret from Step 6 into the corresponding fields in ZenContract.
- Click the "Save" button to save the Azure integration settings.
You have now successfully set up the Microsoft Azure integration with ZenContract. The next step is for all users in your organisation to sign into Microsoft Office 365 within ZenContract. Please follow the steps in this article: Set Up Microsoft Outlook and SharePoint (Step 2: Signing In to Microsoft Office 365)
If you have any questions about this article, please don't hesitate to reach out to support@zencontract.com.