OAuth providers

Microsoft

Set up Microsoft OAuth for Office 365, Outlook, OneDrive, and Azure services

Overview

Connect your users to Microsoft for Office 365, Outlook email, OneDrive files, Teams, Calendar, and Azure services.

Go to App registrations in the Microsoft Entra admin center

Navigate to App registrations in the Microsoft Entra admin center and sign in with your Microsoft account.

Click New registration. Enter an application name and select Accounts in any organizational directory and personal Microsoft accounts.

Configure the redirect URI

Under Authentication, click Add a platform > Web. Add the Alter callback URL from the Developer Portal as the redirect URI.

Create a client secret

Go to Certificates & secrets > New client secret. Set an expiry and copy the Value immediately — it’s only shown once.

Get credentials

Copy the Application (client) ID from the Overview page. The secret you copied is your Client Secret.

Open the Developer Portal

Go to portal.alterauth.com and navigate to the application.

Add Microsoft provider

Go to OAuth Providers > Add Provider > Microsoft.

Enter credentials

Select scopes

Choose the scopes the application needs.

Save

Click Save. The provider is now active.

Scope	Description
`openid`	OpenID Connect authentication
`profile`	Access to user profile information
`email`	Access to user email address
`offline_access`	Obtain refresh tokens for long-lived access
`User.Read`	Read user profile
`User.ReadWrite`	Read and write user profile
`Mail.Read`	Read email messages
`Mail.Send`	Send emails on behalf of user
`Calendars.Read`	Read calendar events
`Calendars.ReadWrite`	Create and manage calendar events
`Files.Read`	Read OneDrive files
`Files.ReadWrite`	Read and write OneDrive files

Always include offline_access to receive a refresh token for long-lived access.
Microsoft requires admin consent for certain organizational scopes.
See the Microsoft OAuth 2.0 documentation for more details.