Microsoft OAuth Transition – Customer Requirements – Office 365 Users

Pre-requisite: users must be on version 22.01.003 to execute these changes in Q360.

Register Q360 Webmail application with Azure

1. Navigate to https://aad.portal.azure.com/
2. Login with your Azure account (create account if one does not exist).
3. Select Azure Active Directory in the left-hand navigation, then select App Registrations under Manage.
4. Select New Registration. On the Register an Application page, set the values as follows:
   1. Set Name to: Q360 WebMail
   2. Set Supported Account Types to: Single Tenant
   3. Set Platform to: Web
   4. Set Redirect URL (required): https://yourq360url.com/oauth/oauth_login.php
   5. Save changes.
5. Select Certificates and Secrets
   1. Select New Client Secret
   2. Set name to: Q360 WebMail Secret
   3. Set Expiry to: 24 Months (recommended). Note expiry date for future use in setting up a background job.
   4. Save changes.
6. Select Authentication
   1. Add URLs for any additional environments (train, test, etc)
   2. Save changes.

Transfer Azure settings to Q360

1. Copy the “Client ID”, “Tenant ID”, and “Client Secret” (Value column) from Azure into Q360 (Maintenance Menu > API Configuration > OAuth tab).
2. Select Azure AD from the Provider drop down menu.
3. Click the Save button.

Once the above steps are complete send an email to support@solutions360.com with subject “oAuth setup.”  A Q360 representative will validate smtp and php settings, and set up a background job, “Webmail Check Token Expiry Dates.”  This job notifies users X number of days prior to token expiration. We recommended this background job be run once every day.

Your Q360 representative will also discuss with you the Clear All Email Passwords option on the API Configuration > oAuth screen, as well as any additional end user / admin email authorization steps.