# Outlook
Outlook (opens new window) is a personal information manager from Microsoft that is part of the Microsoft Office suite. It includes email, calendaring, contacts, and task services.
# API version
The Outlook connector uses the Microsoft Graph API v1.0 (opens new window).
# How to connect to Outlook
Workato supports the following types of connections to Outlook:
- Authorization code grant authentication (OAuth 2.0)
- Client credentials-based authentication (OAuth 2.0): Only available for tenant-specific connections
# Authorization code grant authentication (OAuth 2.0)
This authentication method requires the following value for tenant-specific account types:
- Tenant ID/Domain
# Step 1: Register the Workato App in Azure portal
Complete the following steps to register the Workato app and assign it permissions for authorization code grant connections.
Register the Workato app in the Azure Portal
Sign in to the Azure portal (opens new window).
Select App registrations > + New registration, under Azure services.
Enter a unique name for the application and select a Supported account type.
Select Web from the Select a platform drop-down menu.
Enter https://www.workato.com/oauth/callback
as the Redirect URI and select Register.
Register an app
Assign permissions to your app
In the navigation sidebar, select Manage > API permissions.
Click + Add a permission and select Microsoft Graph APIs.
Add the required permissions as outlined in the Permissions required to connect section. Depending on your connection type, you must assign Application or Delegated permissions.
Add permissions
Click Add permissions.
Admin consent is required for specific permissions. Refer to the Granting admin consent section to learn more.
Obtain the Directory (tenant ID) from the Azure portal
This step is required if you plan to use a tenant-specific account. You can skip this step if you plan to use a common, consumer, or organization account type for your connection.
Go to the Overview > Essentials section.
App details
Copy the Directory (tenant) ID
for use in Workato.
# Step 2: Complete setup in Workato
Click Create > Connection.
Search for and select Outlook
as your connection in the New connection page.
Provide a name for your connection in the Connection name field.
Use the Location drop-down menu to select the project where you plan to store the connection.
Use the Connection account type drop-down menu to select the type of account you plan to use. The available choices are Common, Tenant-specific, Consumer, and Organization.
Select Authorization code grant
as the Authentication type.
Optional. By default, the connector requests a set of scopes necessary for all triggers and actions to function properly. In the Advanced settings section, you can manually select the permissions instead. The minimum permissions required to establish a connection are User.Read
and offline_access
. Workato always requests these permissions regardless of the permissions you select. Refer to the permissions section for more information.
Click Sign in with Microsoft.
# Client credentials-based authentication (OAuth 2.0)
COMPATIBLE AUTHENTICATION
Client credentials-based authentication is only compatible with tenant-specific connections.
This method requires the following fields:
- Tenant ID/Domain
- User ID
- Client ID
- Client Secret
# Step 1: Register the Workato App in the Azure Portal
Complete the following steps to register the Workato app and assign it permissions for client credentials-based connections.
Register the Workato App in the Azure Portal
Sign in to the Azure portal (opens new window).
Select App registrations > + New registration, under Azure services.
Enter a unique name for the application and select a Supported account type.
Select Web from the Select a platform drop-down menu.
Enter https://www.workato.com/oauth/callback
as the Redirect URI and select Register.
Register an app
Assign permissions to your app
In the navigation sidebar, select Manage > API permissions.
Click + Add a permission and select Microsoft Graph APIs.
Add permissions
Add the required permissions as outlined in the Permissions required to connect section. Depending on your connection type, you must assign Application or Delegated permissions.
Add permissions
Click Add permissions.
Admin consent is required for specific permissions. Refer to the Granting admin consent section to learn more.
Generate an API key
Go to Manage > Certificates & Secrets > Client secrets and click + New client secret.
Provide a Description for the client secret and specify an expiry date.
Click Add. Copy and save this secret for use in Workato.
Obtain the Application (client) ID, Object ID, and Directory (tenant) ID from the Azure Portal
Go to the Overview > Essentials section.
App details
Copy the Application (client) ID
, Object ID
, and Directory (tenant) ID
for use in Workato.
Obtain the User ID from the Azure Portal
To obtain the User ID
, go to Home > Users.
Select users
Search for and select the user associated with your account.
Copy the User principal name
. This value is used for the User ID in Workato.
Return to Workato to finish setting up your connection.
# Step 2: Complete setup in Workato
Click Create > Connection.
Search for and select Outlook
as your connection in the New connection page.
Provide a name for your connection in the Connection name field.
Use the Location drop-down menu to select the project where you plan to store the connection.
Select Tenant specific as the Connection account type. This option is specifically designed for users who belong to a particular organization (tenant).
Provide your Tenant ID/Domain. This is the Directory (tenant) ID
for your app. Refer to the Register an app in Azure section to learn how to obtain this value.
Select Client credentials
as the Authentication type.
Supply the User ID, Client ID, and Client secret for your app. Refer to the Register an app in Azure section to learn how to obtain these values.
Click Sign in with Microsoft.
# Permissions required to connect
# Default scopes for authorization code grant connections
By default, the Outlook connector requests the following scopes for authorization code grant connections. These scopes are necessary to use all of this connector's triggers and actions. Additionally, you must assign these permissions to the Workato app as Delegated permissions in the Azure portal.
Mail.Send
Mail.ReadWrite
Mail.ReadWrite.Shared
Calendars.ReadWrite
Calendars.ReadWrite.Shared
User.Read
offline_access
# Minimum scopes for authorization code grant connections
The following minimum scopes are required to establish a connection to Outlook using authorization code grant authentication:
User.Read
offline_access
# Default scopes for client credential connections
We recommend the following scopes for client credentials connections. These scopes are necessary to use all of this connector's triggers and actions. Additionally, you must assign these permissions to the Workato app as Application permissions in the Azure portal.
Calendars.Read
Calendars.ReadWrite
Contacts.Read
Contacts.ReadWrite
Mail.Read
Mail.ReadWrite
Mail.Send
# Minimum scopes for client credential connections
The following minimum scopes are required to establish a connection to Outlook using client credentials-based authentication:
Mail.Read
# Connect Microsoft Entra ID to the Outlook connector
To connect to the Outlook connector using a Microsoft Entra ID account, ensure that all the consent requests are granted by admins.
Complete the following steps to grant admin consent using an admin account:
Sign in to your Azure portal and navigate to Enterprise Applications > Activity > Admin consent requests.
Approve the necessary consent requests.
Last updated: 12/4/2024, 4:07:19 PM