logoGo to New Kayako
Submit a request My Requests
Submit a ticket

Articles in this section

See more

Setting up OAuth in Kayako Classic using Office 365

Author: Sam Garcia Follow

 

This document provides steps in setting up OAuth 2.0 in Kayako Classic using O365.

 

⚠️ This is only available from version 4.94.7 onwards.

You can refer to the following article for guidance Upgrading or Downgrading Your Kayako Classic Download Helpdesk

 

Step 1: Create an Organization and get the Tenant ID

Go to Azure https://portal.azure.com/ and create an Organization. Once you create the organization, you should see something like the following screenshot. We would need the Tenant ID (as highlighted below) while configuring the OAuth in Kayako Classic settings.

 

mceclip0.png

 

Step 2: Register the Kayako App

After creating an Organization, Click on App Registration > New Registration to create a new App within the organization

mceclip1.png

Fill in the details for registering a new application as per the information below:

  • Name: Provide any name you may like
  • Supported Account Type: Select 2nd option - Accounts in any organizational directory (Any Azure AD directory - Multitenant)
  • Redirect URI: For this property select the platform as Web and provide the value as https://<KC-DOMAIN>/admin/verifyoauth. Replace the <KC-DOMAIN> value with your Kayako’s domain

After filling in the following details, click on the Register button

mceclip2.png

After successfully registering the application you would be presented with a screen as shown in the below screenshot. We would need Application (Client) ID while configuring OAuth in Kayako Classic application.


mceclip3.png

 

Step 3: Create Client Secret

After creating the application, we need to create a client secret for the application. Click on the "0 certificate, 0 secret" link. You should be navigated to the Certificates & Secrets page. Click on New Client Secret as shown in the screenshot below.

mceclip4.png

Provide some description and select the value for Expires field from the dropdown.

mceclip5.png

 

Click on Add button to generate the Client Secret. The Client secret value will be visible ONLY on this screen. Please copy the value and paste it somewhere safe for further reference. Below is the screenshot of the Client Secret. Copy the highlighted value.

 

mceclip6.png

 

Step 4: Enable API Permissions

The next step is to enable API permissions so that Kayako Classic app can fetch emails from the server. To enable API permissions, click on the API Permissions menu on the left panel and click on Add a Permission option as shown in the screenshot below

mceclip7.png

Upon clicking on “Add a Permission” option, you would be presented with a Request API permissions panel from the right. Click on Microsoft Graph as shown below

mceclip0.png

Click on Delegate Permissions

mceclip1.png

Select the following permisions

mceclip2.png

Scroll Down and select IMAP

mceclip3.png

Scroll Down and select all the options under Mail

mceclip4.pngScroll Down and select User.Read permission under User

mceclip5.png

Click on Add Permissions button.

 

Step 5: Add Support Email as a User

The last step in configuring OAuth setting in Azure Active Directory is to add the support email user in the organization. Select the Users menu in the left panel and click on the New User option as shown below in the screenshot

mceclip6.png

These are all the settings required in the Azure Active Directory to enable Kayako Classic to read emails. The next step is to configure these settings in Kayako Classic 4.94.7 & above version.

 

Step 6: Setup Support email in Kayako Admin Panel

After completing the Azure Active Directory setup, you need to configure setting in your Kayako Classic instance to enable Kayako to read and parse email from your Office 365 email. Follow these steps to configure OAuth in Kayako Classic version 4.94.7 and above.

  • Login to the your Classic instance as an Admin user and navigate to Admin Panel > Email Parser > Email Queues and click on + New (in the upper right corner) as shown in the screenshot below

mceclip7.png

  • You would be presented with a screen as shown below

mceclip8.png

Enter the values for the properties based on the information provided below

 

Enter queue address: Your support email

Mailbox type: Select POP3 SSL or IMAP SSL

Mailserver hostname: outlook.office365.com

Port Number: 993

Authentication Type: OAuth

Client Id: Provide the value obtained in Step 2

Client Secret: Provide the value obtained in Step 3

Authorization Endpoint: The value for this parameter is a URL as mentioned below. In the below URL, replace the <TENANT_ID> with your Tenant ID value obtained in Step 1

https://login.microsoftonline.com/<TENANT_ID>/oauth2/v2.0/authorize

Token Endpoint: The value for this parameter is a URL as mentioned below. In the below URL, replace the <TENANT_ID> with your Tenant ID value obtained in Step 1

https://login.microsoftonline.com/<TENANT_ID>/oauth2/v2.0/token

Authorization Scope: openid email offline_access https://outlook.office.com/IMAP.AccessAsUser.All

Ignore recipient addresses and force into queue: Yes

Use the same mailserver to send email: Yes

SMTP connection type: SSL (Depends on the email setup on the client's end)

 

  • After entering the values, click on the NEXT button at the top of the page and you should see the following page

mceclip9.png

Enter the values for the properties based on the information provided below and click INSERT to finish the setup

 

Department: Select the department in which tickets should be created

Ticket type: Select the ticket type for the new tickets

Status: Select the default status for the new tickets

Priority: Select the default priority for the new tickets

Was this article helpful?
0 out of 0 found this helpful

Related articles

Still Have Questions?

Our customer care team is here for you!

Submit a request