# Outlook

Outlook (opens new window) is a personal information manager from Microsoft that is part of the Microsoft Office suite. It includes email, calendaring, contacts, and task services.

# API version

The Outlook connector uses the Microsoft Graph API v1.0 (opens new window).

# How to connect to Outlook

Workato supports the following types of connections to Outlook:

# Authorization code grant authentication (OAuth 2.0)

This authentication method requires the following value for tenant-specific account types:

  • Tenant ID/Domain

# Step 1: Register the Workato App in Azure portal

Complete the following steps to register the Workato app and assign it permissions for authorization code grant connections.

1
Register the Workato app in the Azure Portal
2

Select App registrations > + New registration, under Azure services.

Add an app registration

3

Enter a unique name for the application and select a Supported account type.

4

Select Web from the Select a platform drop-down menu.

5

Enter https://www.workato.com/oauth/callback as the Redirect URI and select Register.

Register appRegister an app

2
Assign permissions to your app
1

In the navigation sidebar, select Manage > API permissions.

2

Click + Add a permission and select Microsoft Graph APIs.

3

Add the required permissions as outlined in the Permissions required to connect section. Depending on your connection type, you must assign Application or Delegated permissions.

Add permissionsAdd permissions

4

Click Add permissions.

Admin consent is required for specific permissions. Refer to the Granting admin consent section to learn more.

3
Obtain the Directory (tenant ID) from the Azure portal

This step is required if you plan to use a tenant-specific account. You can skip this step if you plan to use a common, consumer, or organization account type for your connection.

1

Go to the Overview > Essentials section.

App detailsApp details

2

Copy the Directory (tenant) ID for use in Workato.

# Step 2: Complete setup in Workato

1

Click Create > Connection.

2

Search for and select Outlook as your connection in the New connection page.

3

Provide a name for your connection in the Connection name field.

4

Use the Location drop-down menu to select the project where you plan to store the connection.

5

Use the Connection account type drop-down menu to select the type of account you plan to use. The available choices are Common, Tenant-specific, Consumer, and Organization.

6

Select Authorization code grant as the Authentication type.

7

Optional. By default, the connector requests a set of scopes necessary for all triggers and actions to function properly. In the Advanced settings section, you can manually select the permissions instead. The minimum permissions required to establish a connection are User.Read and offline_access. Workato always requests these permissions regardless of the permissions you select. Refer to the permissions section for more information.

8

Click Sign in with Microsoft.

# Client credentials-based authentication (OAuth 2.0)

COMPATIBLE AUTHENTICATION

Client credentials-based authentication is only compatible with tenant-specific connections.

This method requires the following fields:

  • Tenant ID/Domain
  • User ID
  • Client ID
  • Client Secret

# Step 1: Register the Workato App in the Azure Portal

Complete the following steps to register the Workato app and assign it permissions for client credentials-based connections.

1
Register the Workato App in the Azure Portal
2

Select App registrations > + New registration, under Azure services.

Add an app registration

3

Enter a unique name for the application and select a Supported account type.

4

Select Web from the Select a platform drop-down menu.

5

Enter https://www.workato.com/oauth/callback as the Redirect URI and select Register.

Register appRegister an app

2
Assign permissions to your app
1

In the navigation sidebar, select Manage > API permissions.

2

Click + Add a permission and select Microsoft Graph APIs.

Add permissionsAdd permissions

3

Add the required permissions as outlined in the Permissions required to connect section. Depending on your connection type, you must assign Application or Delegated permissions.

Add permissionsAdd permissions

4

Click Add permissions.

Admin consent is required for specific permissions. Refer to the Granting admin consent section to learn more.

3
Generate an API key
1

Go to Manage > Certificates & Secrets > Client secrets and click + New client secret.

2

Provide a Description for the client secret and specify an expiry date.

3

Click Add. Copy and save this secret for use in Workato.

4
Obtain the Application (client) ID, Object ID, and Directory (tenant) ID from the Azure Portal
1

Go to the Overview > Essentials section.

App detailsApp details

2

Copy the Application (client) ID, Object ID, and Directory (tenant) ID for use in Workato.

5
Obtain the User ID from the Azure Portal
1

To obtain the User ID, go to Home > Users.

UsersSelect users

2

Search for and select the user associated with your account.

3

Copy the User principal name. This value is used for the User ID in Workato.

Return to Workato to finish setting up your connection.

# Step 2: Complete setup in Workato

1

Click Create > Connection.

2

Search for and select Outlook as your connection in the New connection page.

3

Provide a name for your connection in the Connection name field.

4

Use the Location drop-down menu to select the project where you plan to store the connection.

5

Select Tenant specific as the Connection account type. This option is specifically designed for users who belong to a particular organization (tenant).

6

Provide your Tenant ID/Domain. This is the Directory (tenant) ID for your app. Refer to the Register an app in Azure section to learn how to obtain this value.

7

Select Client credentials as the Authentication type.

8

Supply the User ID, Client ID, and Client secret for your app. Refer to the Register an app in Azure section to learn how to obtain these values.

9

Click Sign in with Microsoft.

# Permissions required to connect

# Default scopes for authorization code grant connections

By default, the Outlook connector requests the following scopes for authorization code grant connections. These scopes are necessary to use all of this connector's triggers and actions. Additionally, you must assign these permissions to the Workato app as Delegated permissions in the Azure portal.

  • Mail.Send
  • Mail.ReadWrite
  • Mail.ReadWrite.Shared
  • Calendars.ReadWrite
  • Calendars.ReadWrite.Shared
  • User.Read
  • offline_access

# Minimum scopes for authorization code grant connections

The following minimum scopes are required to establish a connection to Outlook using authorization code grant authentication:

  • User.Read
  • offline_access

# Default scopes for client credential connections

We recommend the following scopes for client credentials connections. These scopes are necessary to use all of this connector's triggers and actions. Additionally, you must assign these permissions to the Workato app as Application permissions in the Azure portal.

  • Calendars.Read
  • Calendars.ReadWrite
  • Contacts.Read
  • Contacts.ReadWrite
  • Mail.Read
  • Mail.ReadWrite
  • Mail.Send

# Minimum scopes for client credential connections

The following minimum scopes are required to establish a connection to Outlook using client credentials-based authentication:

  • Mail.Read

To connect to the Outlook connector using a Microsoft Entra ID account, ensure that all the consent requests are granted by admins.

Complete the following steps to grant admin consent using an admin account:

1

Sign in to your Azure portal and navigate to Enterprise Applications > Activity > Admin consent requests.

2

Approve the necessary consent requests.


Last updated: 12/4/2024, 4:07:19 PM