Enable integration in Microsoft Azure

The following steps are performed in Microsoft Azure. Your Azure admin will require your organization's custom domain URL.

Custom domains are in the following form:

  • [yourorg].my.salesforce.com

Your organization's custom domain can be found by going to Setup > Company Settings > My Domain:

Screenshot: My Domain settings

Important These steps must be performed by someone with administrator access to your Microsoft Azure account. Depending on your organization, this could be an IT administrator, or a third party that manages your Microsoft Azure settings.

Register a Calendar integration app

You must create an app for Outlook calendar integration in your Microsoft Azure account. This app provides some details such as who can use the integration, and your organization's unique custom domain.

  1. Sign in to your Microsoft Azure account as an administrator.

  2. Go to App registrations.

    Select +New registration .

    Tip

    The quickest way to find this in your Azure account is to search for "app registration" in the search bar:

    Screenshot: Microsoft Azure app registration

    Alternatively, you can use the following URL to access the Register an application page directly:

    Copy 
    https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade

  3. Complete the required information as follows:

    Screenshot: register an app in Microsoft Azure

    • Name: give the app a descriptive name, such as Sage People Calendar Integration

    • Supported account types: select Accounts in this organizational directory only

    • Redirect URI: select Web and enter the URI for your organization. This consists of your organization's custom domain, and a URL path, in the form shown below:

      Copy 
      https://<custom_domain_URL>/apex/SgPpl__DelegatedAccessRedirect

      For example:

      https://yourorg.my.salesforce.com/apex/SgPpl__DelegatedAccessRedirect

      Find your organization's custom domain by going to Setup > Company Settings > My Domain.

      Custom domains are in the following form:

      • [yourorg].my.salesforce.com

      Your organization's custom domain can be found by going to Setup > Company Settings > My Domain:

      Screenshot: My Domain settings

  4. Select Register to create the app.

Copy the client ID and tenant ID

Make note of the client ID and tenant ID for the app. These values are required in order to connect your Sage People organization to your Azure account.

  1. Go to App registrations and select the app you just created.

  2. Copy the following values for the app and store them safely. You will need these values later.

    • Application (client) ID

    • Directory (tenant) ID

    Screenshot: copy the client ID and tenant ID for the Azure app

  3. If you are setting up the Azure integration on behalf of a Sage People administrator, ensure you pass these details to the administrator for the organization. They will need these details as part of Sage People setup. See Add Azure details to Sage People.

Create a client secret

Create a client secret that is used to authenticate your Sage People organization when it connects to Microsoft Azure.

  1. Go to App registrations and select the app you have created.

  2. Select Add a certificate or secret.

    Screenshot: add a certificate or secret for the Azure app

  3. Select +New client secret.

  4. Enter a Description for the secret, such as Sage People Calendar Integration.

    Set the Expires value for the secret. We recommend you select a value of 12 months or less.

    Remember to create a new secret before it expires, and update this in your Sage People organization. See Add Azure details to Sage People.

    Screenshot: add a new client secret in Azure

  5. Select Add. The client secret is displayed. Ensure you copy the secret Value and store it safely. You will need this value later.

    Important The client secret value is only displayed immediately after creating it. Ensure you copy the value before leaving the page.

  6. If you are setting up the Azure integration on behalf of a Sage People administrator, ensure you pass the client secret value to the administrator for the organization. They will need this as part of Sage People setup. See Add Azure details to Sage People.

Add API permissions

You must grant permissions for the app to read from and write to the Outlook Calendar for your Active Directory users. These permissions are required to generate Calendar entries for Sage People events.

  1. Go to App registrations and select the app you have created.

    In the left menu, select API permissions.

  2. Select +Add a permission.

  3. Select Microsoft Graph.

  4. Select Delegated permissions.

    Screenshot: select delegated permissions

  5. Select the following permissions.

    Under OpenId permissions, select:

    • offline_access

    Scroll to the Calendars section, and select:

    • Calendars.ReadWrite

  6. Select Add permissions.
  7. Beside the User.Read permission, select the 3 dots context menu, and select Remove permission. This permission is added by default, but is not required.

  8. Select the Grant admin consent button above the permissions list. This grants the required permissions for all users in your Azure tenant.

    Screenshot: grant admin consent

  9. Select Yes to confirm.

Provide information to the HR administrator

If the Microsoft Azure and Sage People setup are being performed by different individuals, make sure you share the information saved as part of the preceding steps with the Sage People HR administrator.

  • Application Client ID

  • Application Tenant ID

  • Client Secret value.

This information will be needed in the next step, Add Azure details to Sage People.