Sign In

On-Premise: Azure AD Setup for OAuth

This article is intended specifically for on-premise customers who want to use Office 365 / Azure AD oAuth.

You will need to configure an AzureAD enterprise application and configure the following 2 properties, also described in the detailed config:



Obtain value for AZUREAD_CID and AZUREAD_CIS

First, obtain the value for AZUREAD_CID and AZUREAD_CIS. 

Register an application

  • Go to portal.azure.com/ >> Active Directory >> App registrations >> New registration.

Complete app registration

  • Give the app an appropriate name.
  • For 'Supported Account Types' select a Multitenant option, 'Accounts in any organization directory'. 
  • For 'Redirect URL' select 'Web' and copy and paste the following URL: https://your_server_url/integrations/office365/oauth2redirectWithAuthCode replacing 'your_server_url' with the actual URL of the server you wish to use. For example,  https://helpdesk.example.com/integrations/office365/oauth2redirectWithAuthCode
  • Click Register.


  • In the new app go to Authentication >> Add a platform.
  • Under the section 'Web' click “Add URI” and enter: " https://your_server_url/integrations/azuread/token " replacing 'your_server_url' with the actual URL of the server you wish to use. For example,  https://helpdesk.example.coml/integrations/office365/oauth2redirectWithAuthCode
  • Click Save.

Delegate permissions

  • In the new app go to API Permissions and “Add a permission” >> Microsoft Graph >> Delegated permissions >> select ALL the permissions listed below. (Use search to help locate the permissions):
  • Directory.Read.All
  • email
  • Group.Read.All
  • IMAP.AccessAsUser.All
  • offline_access
  • openid
  • People.Read
  • profile
  • SMTP.Send
  • User.Read
  • User.ReadBasic.All

Token Configuration

  • In the new app go to “Token Configuration” >> click 'Add optional claim' >> select 'ID'>> check off 'email.'
  • Select 'Add'.

Get client secret

  • In the new app go to 'Certificates & secrets'
  • Under the 'Client secrets' tab, select 'New client Secret'
  • Give it a useful description (eg: “Client Secret for OneDesk’s OnPrem install”)
  • For 'Expires' choose either 'custom' or the largest possible value.
  • Click 'Add'

Save secret token

Before leaving the page save the Value as your secret token.

Get client ID

You can obtain your Client ID from the newly created app >> Overview >> “Application (client) ID”.

Add entries to root file

In your /root/.OneDesk file add the following entries:



Once you have updated your /root/.OneDesk file you will need to reinstall the packages so the changes are applied.

dnf remove onedesk-db-utils

dnf install onedesk-db-utils onedesk-webapps onedesk-microservices onedesk-customerapps

Reach out to the support team through live chat or email if you have any questions.