Using Ascema for Office 365

Using Ascema for Office 365link


Licence Requirementslink

The features of the Ascema system for Office 365 require a separate licence. For details of this please contact your sales representative.

Setting up permissions to search Office 365link

To enable Ascema to search for sensitive date on Office 365 you must first set up a number of permissions within the Office 365 tenant environment. An Azure app should be created to cover each tenent which you will wish to search with Ascema.

  • While logged in as an Office 365 administrator select the Admin app from the list
  • The menu sidebar will be displayed
  • From the menu sidebar select Azure Active Directory
  • The Azure Active Directory admin center will be displayed
  • From the left side menu select Azure Active Directory
  • A menu will be displayed showing actions within Azure Active Directory
  • From this menu select App Registrations
  • A list of existing applications will be displayed along with options to manage these across the top
  • From these options select New registration
  • The form to Register an application will be displayed
  • Enter a name for the application you will use to control access to Office 365 for the Ascema system
  • Leave selected the option for Single tenant
  • Leave the default values for Redirect URI
  • Select the Register button
  • Your new application will be displayed
  • On this application the Application (client) ID and Directory (tenant) ID will be displayed. Make a record of these as they will be needed later.
  • From the App registrations menu select the Certificates & secrets option
  • Select the option for a New client secret
  • The Add a client secret dialog will be displayed
  • Select a name for the client secret
  • Select an exiry period for the client secret
  • Click on the Add button
  • A secret will be generated for you Azure App
  • Make a record of this secret as it will be needed later
  • Next select the API Permissions menu item
  • On the API permissions page select Microsoft Graph
  • A dialog for Request API permissions will be displayed
  • At the top of this dialog choose the option for Application Permissions
  • The full list of application permissions to be set is as shown below
  • Check the box against each of these permissions
  • When all permissions have been set select the Update permissions button
  • Once this is complete you will need to grant consent for the permissions to be applied
  • Select the Grant Permissions button