Mitel Forums - The Unofficial Source

Mitel Forums => Mitel Software Applications => Topic started by: b.souchet on November 23, 2022, 10:38:19 AM

Title: [OAuth 2.0 - Micollab] Calendar integration Permission error
Post by: b.souchet on November 23, 2022, 10:38:19 AM

Hello,

I am contacting you because following the deactivation of the basic authentication protocol by Microsoft, we are unable to implement the OAUTH2.0 protocol on our Micollab server.

We have followed the help section provided by mitel (see attachment), but we see in the "cim.log" log file that the user does not have sufficient rights to access the calendars of our tenant's users. (see attachment).

I also attach a screenshot with the access rights configured on the API. We must filter access as accurately as possible for security reasons.

thank you in advance for your help

Benjamin

Title: Re: [OAuth 2.0 - Micollab] Calendar integration Permission error
Post by: axemanozh7 on November 27, 2022, 06:26:05 PM

I'm having trouble getting this going, as well. Everything connects in the CloudLink section, and as you note, we set up the permissions in our Azure/365 tenant as per Mitel's instructions but we get the insufficient permissions error as well. NuPoint Advanced UM voicemail-to-e-mail is the bigger concern as that is high value for a lot of our users, so we'll be opening a case with our Mitel re-seller this week to check into it. (Microsoft will permanently disable basic authentication by 1/1/23, so we need this fixed by then.)

I'll come back and update this thread if we get it figured out.

Title: Re: [OAuth 2.0 - Micollab] Calendar integration Permission error
Post by: lundah on November 28, 2022, 11:10:03 AM

You need to grant the service account "full_access_as_app" permissions.

Title: Re: [OAuth 2.0 - Micollab] Calendar integration Permission error
Post by: axemanozh7 on November 28, 2022, 12:10:48 PM

Quote from: lundah on November 28, 2022, 11:10:03 AM

You need to grant the service account "full_access_as_app" permissions.

We did that to no effect. Speaking with our Mitel reseller this morning, they said that there is a known issue in some versions of MiCollab that they are checking into.

Title: Re: [OAuth 2.0 - Micollab] Calendar integration Permission error
Post by: b.souchet on December 06, 2022, 04:59:04 AM

Hello @Lundah,

For my case, we managed to get the calendar integration working with "full_access_as_app" rights to validate that the Micollab server side configuration and Microsoft API was OK, however, we need to refine the access rights for security reasons.

The "full_access_as_app" rights are too permissive and will allow a malicious person to access all user mailboxes, whether in reading or writing..... So we want to configure only read access on the calendars.

Regards
Benjamin