Gareth Cantrell Posted August 23, 2023 Posted August 23, 2023 We have the premium iBridge package which includes the Microsoft Office 365 integration which we'd really like to use in our processes. However, the current integration appears to use Azure Active Directory v1.0 endpoints, which means the integration requests EVERY permission available and not only the permission required for the available operations (ie. calendar, contact and mail). This is preventing us from using the integration as our SOC team is not okay with granting permissions which are not required. We therefore are requesting that the integration is updated to use the Microsoft Identity Platform (v2) as in the below note: https://learn.microsoft.com/en-us/azure/active-directory/azuread-dev/azure-ad-endpoint-comparison#incremental-and-dynamic-consent 1
Joshua Howitt Posted August 23, 2023 Posted August 23, 2023 We are currently in the process of updating the Microsoft integrations to only require the specific scopes each integration needs to run successfully. Existing examples of this can be seen within Microsoft Teams and Entra ID. Please let me know if you have any further questions about this. 3
Martyn Houghton Posted August 24, 2023 Posted August 24, 2023 @Gareth Cantrell @Joshua Howitt The requirement for full Admin access has been a blocker for our organisation as well and we have not been able to progress with operations such as being able to send Calendar entries to Co Workers etc, so this is really good news. Cheers Martyn FYI @Paul Chambers 2
Joshua Howitt Posted August 24, 2023 Posted August 24, 2023 Hi @Martyn Houghton Glad I could help. Josh 1
Gareth Cantrell Posted October 17, 2023 Author Posted October 17, 2023 Wondering if there's been any updates to anymore Microsoft 365 integrations since the last update to this thread?
Steve G Posted October 20, 2023 Posted October 20, 2023 @Gareth Cantrell This work is still ongoing, but we have deprecated the old Azure User & Group operations (that required the full Microsoft admin permissions) and replaced them with operations that require much fewer permissions to operate. Details can be found on the Hornbill wiki. As and when more operations are replaced to use the new endpoints and fewer scopes, they will be published on the Announcements forum when released. Thanks, Steve
Gareth Cantrell Posted May 1, 2024 Author Posted May 1, 2024 Just checking in to see if there are any updates to this; the Microsoft key type is still requesting god-mode using the old v1 API, and we'd really like to start getting some integrations and automations working without resorting to custom code via the iBridge HTTP (experimental) integration. 1
Joshua Howitt Posted May 16, 2024 Posted May 16, 2024 Hi @Gareth Cantrell, Updating the scopes on these operations is next on our list of updates and will be completed as soon as possible. I will keep you updated as this progresses. 1 1
Joshua Howitt Posted May 22, 2024 Posted May 22, 2024 Hi @Gareth Cantrell, the new O365 operations should not request 'god-mode' permissions anymore and will run using the specific scopes required. Please let me know if you run in to any issues or have any questions. 2
Gareth Cantrell Posted May 24, 2024 Author Posted May 24, 2024 @Joshua Howitt great work, we have successfully established a connection and can create basic calendar events, now time to fill up the forum with some more enhancement requests 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now