Skip to main content

Microsoft Exchange Integration - Graph API (Microsoft 365)

© 2025 SynergySKY Ltd. All Rights Reserved.

Microsoft Exchange Integration - Graph API (Microsoft 365)

Last Updated

Introduction

We strongly recommend Microsoft 365 customers configure Synergy SKY with Microsoft Graph API for Microsoft 365.

In line with the end of support notification for EWS Basic Authentication, Microsoft has created a new authentication method known as Microsoft Graph. Microsoft Graph allows for increased performance towards the Microsoft Cloud. Over time, Microsoft has introduced OAuth 2.0 for authentication and authorization, which is more secure and reliable than Basic Authentication to access data.

You can find additional information relating to Microsoft Graph here.

We have provided instructions on how to set up Microsoft Graph with Synergy SKY below.

You can jump to calendar permission properties by clicking here.

 

This guide will explain how to:

  • Select / Create ActOnBehalfOfEmail
  • Create an App Registration, Client Certificate & Secret
  • Add API Permissions

Prerequisites

Microsoft
Azure 		You will need administrator privileges for your organization in the Azure portal.

Optional step to secure the application to a security group

 

Step-by-Step Guide
Creating/Selecting the Act on Behalf of email

The Synergy SKY Act on Behalf of email is the email address that will be used to notify users of their meeting updates and progress. You are not required to create a new email account. It is possible to use an existing service email account that exists in your organization however if you would like to create a new service account, we have steps on how you can achieve this below:

  1. Log in to https://portal.azure.com
  2. Click on left hamburger menu > Microsoft Entra ID > + Add > User > Create New User (Or search for 'users' in the top search bar)
  3. Type in the Username, Name and verify password settings and choose to save

Configuring Microsoft Graph API

  • Log In to https://portal.azure.com
  • Click on left hamburger menu > Microsoft Entra ID > + Add > App registration (Or search for 'registrations' in the top search bar)
  • Enter a name and click Register
    • Accounts in this organizational directory only (SynergyPlay only - Single tenant)



  • Click on API permissions (left side menu)
  • Click on Add a permission
    • Microsoft Graph
      • Application Permissions:

        • Calendars.ReadWrite (For Reading Resource Calendar and writing back any info needed, can be limited to Security group as outlined below)
        • Mail.Send (For email alerts to UC admins, configured specifically in the Application)
        • User.Read.All (For reading address book to add rooms)

  • Click the Add permissions button
  • Grant Consent: An admin needs to login and click the “Grant admin consent” button

 

Obtain credentials

The Tenant ID, Client ID and Secret Value are what are required for configuration, so that Synergy SKY can read and process your meeting room's meetings.

  • Navigate to the Overview page of your App registration 
  • Take note of the:
    • Application (client) ID
    • Directory (tenant) ID
  • Click Add a certificate of secret > + New client secret
    • 24 months is the max duration. Be warned, there is no good way to know when this will expire
  • Copy the secret Value, not the Secret ID

 

 

Next: Mailbox permissions

Related to

Was this article helpful?