Configuring the Settings for Using OAuth 2.0 Authentication for Linked Folder E-mail Transmission

When selecting [OAuth 2.0] in the e-mail settings authentication for Linked Folder, the administrator must configure the following settings.

Configuring the Microsoft Exchange Online Administrator Settings

This operation is performed by the administrator of Microsoft Exchange Online.
Global administrator privileges are required to allow access.

Enabling SMTP AUTH for the Microsoft 365 User

Log in to the Microsoft 365 admin center with an account for Microsoft Exchange Online.
https://admin.cloud.microsoft/
Click [Users] > [Active users].
Select to the user to use for the source e-mail address.
On the displayed screen, click [Mail].
In the [Email apps] section, select [Manage email apps].
Confirm that the check box for the [Authenticated SMTP] setting is selected.
Click [Save changes].
- If you select the [Authenticated SMTP] check box when it is deselected, it may take some time until e-mail can be sent.

Registering the App

Log in to the Microsoft Entra management center with an account for Microsoft Exchange Online.
https://entra.microsoft.com/
- Application creation permissions are required.
Click [Applications] > [App registrations].
Click [New registration].
Enter a name of your choice.
- The application name used here is not used in FUJIFILM IWpro. Register a name that is easy for the Microsoft Exchange Online administrator to identify.
In the supported account types, select [Accounts in this organizational directory only ({organization name} only - Single tenant)].
Select [Web] in the platform selection of the direct URL, and enter the following value.
http://localhost
Click [Register].

Registering Authentication

Log in to the Microsoft Entra management center with an account for Microsoft Exchange Online.
Select the registered app, then click [Authentication] in the menu on the left.
Select [Access tokens (used for implicit flows)] and [ID tokens (used for implicit and hybrid flows)], and click [Save].
Click [Certificates & secrets] in the menu on the left.
Click [New client secret].
Enter the description and expiration date in [Description] and [Expires], then click [Add].
Make a note of the string in [Value] in [Client secrets].

[Client secrets] contains the [Value] and [Secret ID] settings. The string in [Value] is used.
[Value] cannot be displayed for the created client secret after the [Certificates & secrets] screen is reloaded. If you did not make a note of the string in [Value], create a new client secret.
By default, a client secret expires after six months. You can extend this to a period of up to two years.
A link error will occur once the client secret expires. If an error occurs, follow the procedure in Updating a Microsoft Entra Client Secret.

Allowing Access

Log in to the Microsoft Entra management center with an account for Microsoft Exchange Online.
Click [Applications] > [App registrations] in the menu on the left.
Select the registered app, then click [API permissions] in the menu on the left.
Click [Add a permission].
Click [Microsoft Graph].
Click [Delegated permissions].
Select the following check box, then click [Add permissions].
- [SMTP.Send]
- [offline_access]
Click [Grant admin consent for {account name}], then click [Yes].

Confirming the Setting Values

Log in to the Microsoft Entra management center with an account for Microsoft Exchange Online.
Select the registered app, then click [Overview] in the menu on the left.
Make a note of the values displayed in [Application (client) ID] and [Directory (tenant) ID].

This completes the administrator settings.

FUJIFILM IWpro Linked Folder is configured by a general user. Share the following values that were confirmed in Registering Authentication and Confirming the Setting Values with the general user, as they are required for configuration.

Client secret
Application (client) ID
Directory (tenant) ID