Enable integration in Microsoft Azure

You'll perform the following steps in Microsoft Azure. Your Azure admin will require your organization's Sage People custom domain URL.

Custom domains are in the following form:

  • [yourorg].my.salesforce.com

You can find your organization's custom domainby going to Setup, selecting Company Settings and then clicking My Domain:

Screenshot: My Domain settings

Important

Someone with administrator access to your Microsoft Azure account must perform these steps. Depending on your organization, this could be an IT administrator, or a third party that manages your Microsoft Azure settings.

Register a Calendar integration app

You must create an app for Outlook calendar integration in your Microsoft Azure account. This app provides some details such as who can use the integration, and your organization's unique custom domain.

  1. Sign in to your Microsoft Azure account as an administrator.

  2. Go to Identity, then to Applications and select App Registrations.

    Select +New registration.

  3. Complete the required information as follows:

    Screenshot: register an app in Microsoft Azure

    • Name: give the app a descriptive name, such as Sage People Calendar Integration

    • Supported account types: select Accounts in this organizational directory only

    • Redirect URI: select Web and enter the URI for your organization. This consists of your organization's custom domain, and a URL path, in the form shown below:

      Copy 
      https://<custom_domain_URL>/apex/SgPpl__DelegatedAccessRedirect

      For example:

      https://yourorg.my.salesforce.com/apex/SgPpl__DelegatedAccessRedirect

      Find your organization's custom domain by going to Setup, selecting Company Settings and then clicking My Domain.

      Custom domains are in the following form:

      • [yourorg].my.salesforce.com

      You can find your organization's custom domainby going to Setup, selecting Company Settings and then clicking My Domain:

      Screenshot: My Domain settings

  4. Select Register to create the app.
Note If you're planning to connect to your Sandbox for testing, you’ll need a second URI with the domain for the Sandbox. The domain is https://<domain>--<sandboxname>.sandbox.my.salesforce.com/apex/SgPpl__DelegatedAccessRedirect.

Copy the client ID and tenant ID

Make note of the client ID and tenant ID for the app. You'll need these values to connect your Sage People organization to your Azure account.

  1. Go to App registrations and select the app you just created.

  2. Copy the following values for the app and store them safely. You’ll need these values later.

    • Application (client) ID

    • Directory (tenant) ID

    Screenshot: copy the client ID and tenant ID for the Azure app

  3. If you're setting up the Azure integration on behalf of a Sage People administrator, ensure you pass these details to them. They'll need these details as part of Sage People setup. See Add Azure details to Sage People.

Create a client secret

Create a client secret you'll use to authenticate your Sage People organization when it connects to Microsoft Azure.

  1. Go to App registrations and select the app you’ve created.

  2. Select Add a certificate or secret.

    Screenshot: add a certificate or secret for the Azure app

  3. Select +New client secret.

  4. Enter a Description for the secret, such as Sage People Calendar Integration.

    Set the Expires value for the secret. We recommend you select a value of 12 months or less.

    Remember to create a new secret before it expires, and update this in your Sage People organization. See Add Azure details to Sage People.

    Screenshot: add a new client secret in Azure

  5. Select Add. The client secret displays. Ensure you copy the secret Value and store it safely. You'll need this value later.

    Important The client secret value only displays immediately after creating it. Ensure you copy the value before leaving the page.

  6. If you're setting up the Azure integration on behalf of a Sage People administrator, ensure you pass the client secret value them. They'll need this as part of Sage People setup. See Add Azure details to Sage People.

Add API permissions

You must grant permissions for the app to read from and write to the Outlook Calendar for your Active Directory users. You'll need these permissions to generate Calendar entries for Sage People events.

  1. Go to App registrations and select the app you've created.

    In the left menu, select API permissions.

  2. Select +Add a permission.

  3. Select Microsoft Graph.

  4. Select Delegated permissions.

    Screenshot: select delegated permissions

  5. Select the following permissions.

    Under OpenId permissions, select:

    • offline_access

    Scroll to the Calendars section, and select:

    • Calendars.ReadWrite

  6. Select Add permissions.
  7. Beside the User.Read permission, select the three dots context menu, and select Remove permission. The system adds this permission by default, but doesn't require it.

  8. Select the Grant admin consent button above the permissions list. This grants the required permissions for all users in your Azure tenant.

    Screenshot: grant admin consent

  9. Select Yes to confirm.

Provide information to the HR administrator

If different people are performing the Microsoft Azure and Sage People setup, make sure you share the information you saved with the Sage People HR administrator.

  • Application Client ID

  • Application Tenant ID

  • Client Secret value

You'll need this information in the next step, Add Azure details to Sage People.