Alteryx Designer Desktop Discussions
Find answers, ask questions, and share expertise about Alteryx Designer Desktop and Intelligence Suite.
Alteryx 2022.3 release introduced Azure Active Directory (Azure AD) authentication support, Single Sign-On (SSO), for Microsoft ExchangeOnline. This update allows users to authenticate to ExchangeOnline with Azure AD accounts. This Designer release enables users leverage two types of Azure AD application configurations to access your ExchangeOnline account: single-tenant and multi-tenant application. This post covers single-tenant application configuration, whereas the multi-tenant configuration is captured in this post.
To access ExchangeOnline with Azure AD accounts, users are require to have the following configuration in place:
Azure Active Directory account linked with Microsoft ExchangeOnline service - make sure your ExchangeOnline service has been deployed for the tenant user;
Single-tenant application setup
In this post we will cover how to:
Register and configure single-tenant OAuth application in Azure AD tenant;
Obtain required Azure AD application details;
Access ExchangeOnline using Azure AD identity from Alteryx Designer;
| Please note, the following example is intended for demonstration purposes only. We recommend engaging your systems team to help you with configuration. This example covers single-tenant OAuth implementation that is only intended for authentication of users existing within same Azure tenant. |
Now that we’re clear about what we need, let’s focus on what we need to do to access above details.
Register and configure single-tenant OAuth application in Azure AD tenant
Go to your Azure AD portal, select Active Directory which you want to use with ExchangeOnline, and click on App registrations tab
- Click on New registration and provide a descriptive name e.g. MS Exchange.
- Select single-tenant as supported account types that can use this application;
- Set type to web, Redirect url to http://localhost and click register;
- On the overview page, copy and save the id of the client application. This will be known as your “client id”.
Next, go to Certificates and Secrets and generate a new secret for this application. Save the value of the secret, you will need it later. This value will be known as “client secret”
Now that we created our client secret, go to “API permissions” tab, available on your left hand side.
Click on Add permission, select “APIs my organisation uses” and add type in the following value: Office 365 Exchange Online. At this step, you should see Office 365 Exchange Online on the list of available apis. Set type to Delegated Permissions
Next, scroll down to mail section and set scope to Mail.Send.All. This will entitle the app to issue tokens with permissions to send emails on behalf of users. Click add permission.
Grant admin consent for Default directory
Now that we configured our OAuth application and assign it with right permissions, make sure to verify you’ve collected the following details:
Azure AD tenant ID
MS Exchange client ID
MS Exchange client secret
Additionally, you will need the following ExchangeOnline details:
- SMTP server address: smtp.office365.com
- Port: 587
You can now access your data in ExchangeOnline from Alteryx Designer using your Azure AD account. Simply drag and drop Email tool, check “Use Data Connection Manager (DCM)” box and fill out required details. Set encryption to STARTTLS. Click Save.
Next, select Azure AD authentication method and provide the details we collected earlier to configure connection with your OAuth application. Create and link your credentials with connection.
After filling out above details and clicking connect, you will be redirected to the Azure AD login page. You will be prompted to login with your Azure AD account and grant this application required permissions. Once done, you will successfully obtain access to your ExchangeOnline service.
