Glean

Please follow the below instructions to create a custom OAuth app to use for Microsoft 365 actions. 

Step 1: Register an app using this link: <a href="https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app?tabs=certificate" rel="nofollow noopener noreferrer" target="_blank">https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app?tabs=certificate</a>

Make sure to choose “Single tenant” and click Register. 

Leave the “Redirect URI” as blank for now, we shall fill this later.

Step 2: Please copy these IDs, we will need them later in the setup: 

This can be found in Manage -&gt; Certificates &amp; secrets -&gt; Add a client secret -&gt; Copy the value of the secret generated 

Go to Add Permissions -&gt; Choose Delegated Permissions

- Go to Add Permissions -&gt; Choose Delegated Permissions

- Mail.ReadWrite
- Files.ReadWrite.All
- Sites.ReadWrite.All
- offline_access
- User.Read
- Openid
- Email

- Add the following Permissions:
  - Mail.ReadWrite
  - Files.ReadWrite.All
  - Sites.ReadWrite.All
  - offline_access
  - User.Read
  - Openid
  - Email

Step 4: Go to Glean, inputs information and save the action pack

Go to the Glean Microsoft 365 Action setup

Paste the values of Client ID and Client Secret that were copied earlier into the right fields here. 

Paste the following values for the other fields (replace &lt;tenant_id&gt; with the Tenant ID that was copied earlier:

- Client url: <a href="https://login.microsoftonline.com/&lt;tenant" rel="nofollow noopener noreferrer" target="_blank">https://login.microsoftonline.com/&lt;tenant</a> id&gt;/oauth2/v2.0/authorize
- Authorization url: <a href="https://login.microsoftonline.com/&lt;tenant" rel="nofollow noopener noreferrer" target="_blank">https://login.microsoftonline.com/&lt;tenant</a> id&gt;/oauth2/v2.0/token

- Go to the Glean Microsoft 365 Action setup
- Paste the values of Client ID and Client Secret that were copied earlier into the right fields here. 
- Paste the following values for the other fields (replace &lt;tenant_id&gt; with the Tenant ID that was copied earlier:
  - Client url: <a href="https://login.microsoftonline.com/&lt;tenant" rel="nofollow noopener noreferrer" target="_blank">https://login.microsoftonline.com/&lt;tenant</a> id&gt;/oauth2/v2.0/authorize
  - Authorization url: <a href="https://login.microsoftonline.com/&lt;tenant" rel="nofollow noopener noreferrer" target="_blank">https://login.microsoftonline.com/&lt;tenant</a> id&gt;/oauth2/v2.0/token
- Click on Save!

You should see a Callback url appear at the bottom of the screen above, copy this callback url

Go to the Microsoft OAuth app registration again

Go to Manage -&gt; Authentication -&gt; Configure Web -&gt; Paste the callback url in the Redirect URIs input field

- You should see a Callback url appear at the bottom of the screen above, copy this callback url
- Go to the Microsoft OAuth app registration again
- Go to Manage -&gt; Authentication -&gt; Configure Web -&gt; Paste the callback url in the Redirect URIs input field

That's it! You should now be able to use Microsoft 365 Actions using this Custom OAuth app!

Refer to <a href="https://help.glean.com/en/articles/10627206-microsoft-365-actions">Microsoft 365 Actions</a> on how to use these actions!

Go to enterprise applications on the microsoft page to set the tenant wide consent settings

If you would like admins to allow consent for organization choose first

If you want users to be able to consent individually the first time they use choose third option

If you want users to be able to consent but only for selected permissions select the second option and add the above permissions added for the app , otherwise some users might be able to consent for more scopes than configured in the app

- If you would like admins to allow consent for organization choose first
- If you want users to be able to consent individually the first time they use choose third option
- If you want users to be able to consent but only for selected permissions select the second option and add the above permissions added for the app , otherwise some users might be able to consent for more scopes than configured in the app

Note: When the user/admin authenticates, you can see them along with the granted permissions on this page

Step 1: Register an app using this link: https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app?tabs=certificate

Step 2: Please copy these IDs, we will need them later in the setup:

Step 3: Add Permissions

Step 4: Go to Glean, inputs information and save the action pack

Step 5: Update Callback URL

That's it! You should now be able to use Microsoft 365 Actions using this Custom OAuth app!

Additional Configurations: