Microsoft Exchange Connector#
Squirro provides a 1-click connector for Microsoft Exchange. This connector allows the Project Creators to connect to a Microsoft Azure account and index the Microsoft Exchange data into Squirro.
Set up connector#
Usage assumes that the OAuth setup for the 1-click connectors has already been done on the server. This is by default available on all of our cloud servers at https://start.squirro.com. For any other Squirro installation, please ask your Squirro server admin to follow the steps in the OAuth Configuration section below
Head over to the Enterprise tab on the Data screen as shown in the screenshot below.
Click on the Microsoft Exchange icon. Squirro will show a prompt asking you to authenticate your Microsoft Azure account. Click on the Authenticate button there.
Once you click on the Authenticate button, you will be re-directed to the Sign-in screen hosted by Microsoft.
Squirro will never ask you for your Microsoft password. This is requested by Microsoft itself.
Once you sign-in you will be prompted to approve Microsoft Exchange scopes. This screen is presented to you by Microsoft asking you to provide consent for your Microsoft Exchange data to Squirro.
After approving scopes you will be brought back to Squirro’s source configuration screen. This screen shows which Microsoft account Squirro has connected to.
Now, you can click Save & Exit for Squirro to automatically configure the mapping of item fields and labels, as well as any other required source configuration.
Messages and attachments from spam and trash folders are not fetched by default. To change that behaviour expand the Advanced Options section and check the option to fetch data from spam and trash.
Alternatively you can define those settings manually by clicking Next and going through the whole source setup process. This allows you the full flexibility of how the Microsoft Exchange data should be mapped to Squirro items.
After clicking on Save & Exit, you will see your source running. Sit back, relax & enjoy while we index your Microsoft Exchange data into Squirro.
OAuth Configuration#
App Config#
You will need to register an OAuth2 app on the Microsoft Azure portal to allow Squirro to connect to the Microsoft accounts of end users. Please follow the steps below to do so.
Note that the exact process on the Microsoft platform may change. If you notice big discrepancies between the current Microsoft website and the documentation page here, please reach out to Squirro’s support at support@squirro.com for help.
Go to Microsoft Azure Portal here: https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade, and click on the Register an application button.
On the next screen, choose the following options as shown in the screenshot below and then click on Register button:
Name: Name of the app
Supported account types: “Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)”
- Redirect URI: This is the URL Microsoft will redirect the user to after successful authorization. This needs to be set to
https://<your-server-url>/dataloader/exchange_plugin/pl/azure/authorizedon your server.For example:https://squirro.example-company.com/dataloader/exchange_plugin/pl/azure/authorized.
The next step is to add scopes to the app. To do that go to the API permissions tab and click Add a permission button.
On the next screen click Microsoft Graph button.
Next go to the Delegated permissions section.
On the next screen add the following scopes:
emailoffline_accessUser.ReadMail.Read.
After adding scopes, confirm your choices by clicking Add permissions button.
In the next step go to the Token configuration tab, click Add optional claim button and add new claim:
Token type: “ID”
Claim: “email”.
The final step is to create a Client secret key for your app. To do that go to the Certificates & secrets tab, click New client secret button and add a key:
Description: Name of your key (could be whatever you want)
Expires: Period of time after your secret key will expire (max period of time is 24 months).
Apply for Production#
Unverified apps will show a warning about unverified status during the user authorization process when the users connect their Squirro instance to their Microsoft account. To avoid that, you have to apply for Production status of the Microsoft Exchange app.
To start that process you first have to configure the Branding. This will require a logo icon, homepage URL, links to your terms of service and privacy policy. For more information go to the link: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-configure-publisher-domain.
Squirro Configuration#
After having created the OAuth2 app on the Microsoft Azure portal, you need to configure the Client ID and the Client Secret on your Squirro instance.
Go to the Overview tab of the app and copy Application (client) ID.
Next switch to the Certificates & secrets tab and copy the value of your Client Secret key.
This configuration will soon be possible from the user interface.
Edit
/etc/squirro/common.inion your Squirro cluster and add the following lines:
[dataloader]
exchange_client_id = YOUR_ID
exchange_client_secret = YOUR_SECRET
If the
[dataloader]header is already present in this file, add the two lines to the existing section. The section header can not appear more than once in the configuration file.Restart the frontend & datasource service to apply the settings:
sudo systemctl restart sqfrontendd
sudo systemctl restart sqdatasourced