How to create a custom private client app in Azure

1. Log in to portal.azure.com with an account that has sufficient rights to register new applications.
2. Go to Azure Active Directory.
3. Click App registrations.

4. Click New registration.

5. Enter a name for your custom application and choose Accounts in this organizational directory only (Single tenant).

6. Click Register.
7. Now click API permissions.

8. Click Add a permission.

9. Click Microsoft Graph.

10. Click Application permissions.

11. In the Select permissions search box, type Send. Click the down symbol next to Mail and then tick the Mail.Send checkbox.

12. Now we need to grant admin consent for the application to use the Mail.Send permission. Click the Grant admin consent for tenantname button.

13. Click Yes to confirm.

14. Now that the permissions have been set, we need to create an application secret that will be used by Print Director to log in and send emails. Click the Overview button to return to the app details.

15. Click Add a certificate or secret.

16. Now click New client secret.

17. Fill in the Description and Expires Note that after the expiry, any Print Director Email Send Accounts that are using this app will stop working. A new secret will need to be created and stored in the PD Email Send Account.

18. Now the secret will be created. The Value must be copied immediately and stored securely. This is because the portal will redact the Value after a short time. If you lose the secret value, a new secret will need to be created. Click the copy button and paste the value somewhere secure (e.g. directly into the email account settings in Resource Manager).

19. Now that the secret is created, the MS Graph application authentication record can be created in Print Director. Click the Overview button to get the values that will be required:

20. Paste them into the correct boxes in the MS Graph application authentication record. To create an Email Send Account using MS application authentication:
    • In Resource Manager, navigate to Email Management > Email Send Accounts.
    • Click Add.
    • Enter a name for the account.
    • Change the Sending service type dropdown to MS Graph application authentication.
    • Click the … button next to the Client app dropdown.
    • Click the New button.
    • Enter any name for the custom application.
    • Paste the values copied from the Application Overview details (along with the client secret) into the fields and click OK.