Knowledgebase
How to connect Safetica to Office 365
Posted by Petr Procházka, Last modified by Štěpán Horký on 11 June 2019 01:46 PM

Notice: Starting in Safetica 9.1, you can manage more Office 365 features like monitoring of files and e-mail moving through the Office 365 cloud. For more information please visit the article Safetica Office 365 Features

To enable Office 365 features of Safetica, you have to connect it to your Office 365 environment. To configure this connection, navigate to your WebSafetica Office 365 settings (can be found under Management → General) and follow the instructions to obtain the following parameters from your Azure Active Directory:

  • Tenant name
  • App ID
  • App key

Tenant name

Tenant name is the name you specify when signing up for Office 365 in the format: your-company.onmicrosoft.com

  1. Go to your Office 365 admin center: https://portal.office.com/adminportal/home#/Domains
  2. You will find the tenant name in the Domains list.
  3. Insert the tenant name into WebSafetica as the Tenant name.

Registering an Office 365 application

To access your organization’s activity data, Safetica requires an application registration with appropriate permissions. To create this registration you must have administrator access to your organization’s Azure Active Directory.

At the moment, two sets of permissions are required for Safetica Office 365 features to work correctly:

  • Office 365 Management APIs: Read activity data for your organization - required for monitoring Office 365 activity
  • Microsoft Graph: Read and write all users' full profiles - required for linking Active Directory users with Azure Active Directory users

  1. Access your organization’s Active Directory in the Azure Active Directory admin center: https://aad.portal.azure.com/

  2. Navigate to All services, go to App registrations and click New application registration.
        

  3. Fill out the details for the new application and click Create.
    Name: SafeticaApplication
    Application type: Web app / API
    Sign-on URL: https://office.com
        

  4. Select the newly created app in the App registrations list.
        

  5. Copy the Application ID and insert it into WebSafetica as the App ID.
        

  6. Click Settings, then Required permissions.
        

  7. Click Add and Select and API to add a new set of permissions to the application.
        

  8. Select Office 365 Management APIs, click Select, choose the Read activity data for your organization permission under Application permissions, then confirm your choice with Select and Done.
        

  9. For the second set of permissions, select Microsoft Graph, click Select, choose the Read and write all users' full profiles permission under Application permissions, then confirm your choice with Select and Done.
        
  10. Click Grant Permissions and confirm with Yes to grant the application access to your organization’s activity data.
        

  11. Select Keys in the application’s Settings blade, fill out details for the new application key and click Save:
    Description: SafeticaKey
    Expires: Never expires
        

  12. Copy the newly created key’s value and insert it into WebSafetica as the App key.
        

  13. Click Save and a green confirmation dialog will appear if the entered values are correct.