Before you begin
You need an Azure account with an active subscription. You can create a free one at https://azure.microsoft.com/free/ (you will NOT be charged for the email authentication we are going to set up). The Azure account must be owned by the same organisation which owns your Microsoft 365 email. You cannot use Akeeba Ticket System with a free Hotmail.com / Outlook.com email address. It’s not that we don’t want you to, it’s that Microsoft does not allow it starting October 1st, 2022.
The Azure account must have permission to manage applications in Azure Active Directory (Azure AD). Any of the following Azure AD roles include the required permissions: Application administrator, Application developer, or Cloud application administrator.
![[Note]](/media/com_docimport/admonition/note.png) | Note |
|---|---|
|
The default user account created with a new Azure subscription has the necessary permission |
You will need to make sure you have an Azure AD tenant.
-
Sign into the Azure Portal at https://portal.azure.com/ (Make sure you are logged in with the correct account for your business / school, not your personal Microsoft account).
-
Check the upper-right corner. If you have a tenant, you'll automatically be signed in. Hover over your account name to see your name, email address, directory or tenant ID (a GUID), and domain. It takes a second or so to display the popup.
-
If you do not see a Directory and Domain item in the popup you will need to follow the tutorial in https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant to create an Azure AD tenant.
You will need to create an ‘application’. This is just a way for Microsoft to identify the access requests coming from Akeeba Ticket System installed on your site.
Creating an application
Sign into the Azure Portal at https://portal.azure.com/. Make sure you are logged in with the correct account for your business / school, not your personal Microsoft account.
If you have access to multiple tenants, use the Directories and Subscriptions filter in the top menu (looks like a funnel in front of a binder notepad) to switch to the tenant in which you want to register the application.
Use the search bar at the top to search for and select Azure Active Directory.
Under , select , New registration.
In the Name box enter Akeeba
Ticket System on .My Site’s
Name
In the multiple selection below choose Accounts in this organisational directory only (Your Organisation Name - Single Tenant). Note that any other option requires a manual vetting process which is why we (Akeeba Ltd) cannot provide an application ourselves, also the reason we cannot let you use personal Hotmail/Outlook email addresses.
Don't enter anything for Redirect URI (optional). You'll configure a redirect URI shortly.
Click on the button at the bottom of the page.
You will now see the Application (client) ID. Note it down. You will need it to set up Akeeba Ticket System.
Add a redirect URI
On the sidebar menu, under , select .
Under Platform configurations, select Add a platform.
In the new sidebar click on Web.
In the Redirect URIs text box enter
your site URL plus
/administrator/index.php?option=com_ats&view=authenticate&task=callback&service=microsoft&tmpl=component.
For example, if your site is
http://www.example.com/mysite you would need to enter
http://www.example.com/mysite/administrator/index.php?option=com_ats&view=authenticate&task=callback&service=microsoft&tmpl=component
Under Select the tokens you would like to be issued by the authorization endpoint: choose Access tokens (used for implicit flows).
Click on the button at the bottom of the page.
Add a client secret
On the sidebar menu, under , select , , New client secret.
In the Description enter Akeeba
Ticket System.
In the Expires dropdown select
24 months.
![[Important]](/media/com_docimport/admonition/important.png) | Important |
|---|---|
|
You will have to create a new secret (and update your ATS configuration) before that period of time expires. |
Click on the button at the bottom of the page.
When the secret is created you will see a Value and a Secret ID. Copy the Value.
![[Caution]](/media/com_docimport/admonition/caution.png) | Caution |
|---|---|
|
Note the secret's Value own now. You will not see the Value again once you leave this page. If that happens to you, create a new client secret. |
Configure Akeeba Ticket System
Sign into the Azure Portal at https://portal.azure.com/. Make sure you are logged in with the correct account for your business / school, not your personal Microsoft account)
Use the search bar at the top to search for and select
Tenant Properties.
Copy the Tenant ID.
Go to your site’s administrator backend, , Manage, Plugins and edit the Akeeba Ticket System – Fetch Email plugin.
In the Mail server type field select
Microsoft Exchange / Microsoft 365 / Office
365.
Paste the Tenant ID you copied above into the Tenant ID text box.
Put the Secret ID and Value in the next two fields. Remember: you noted down those values while following the “Add a client secret” instructions further above.
Click on the button
Click on the button.
A new popup window opens. If it doesn’t open, check your browser settings and your browser extensions; it’s possible they block the popup.
Log in to your organisation’s Microsoft account.
In the consent page select the Consent on behalf of your organisation box and click on the button.
![[Tip]](/media/com_docimport/admonition/tip.png) | Tip |
|---|---|
|
If you see an error similar to ‘The redirect URI ‘SOME LONG URL HERE' specified in the request does not match the redirect URIs configured for the application ‘LONG STRING ON NUMBERS AND LETTERS'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.’ it means that you typed the redirect URL wrong following the “Add a redirect URI” section above. Please repeat that step and be careful as to what you are typing. |