# O365 Tenant ## Register App on Azure AD **Note**: The permissions may require authorization from an administrator. 1. Sign in to the [Azure Portal](https://portal.azure.com/) using your credentials. 2. From Azure services, locate and open Azure Active Directory (also known as Azure AD).

3. Under the **Manage** section, select **App registrations**.

4. In the App registrations screen, click **+ New registration**.

5. The **Register an application** screen displays. Enter the user-facing display name for the App in **Name**.

6. Select one of the following account types depending on your needs: * **Accounts in any organizational directory (Any Azure AD directory Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)** * **Accounts in any organizational directory (Any Azure AD directory Multitenant)**

7. Leave the option **Redirect URI (optional)** as is.

8. Click **Register** to complete the App registration. This will return you to the screen for the new App. 9. In the App screen, locate the **Application (client) ID**. Copy it to be used when configuring email import for **DocBits**.

10. From left panel, select **Certificates & secrets**:

11. In the **Certificates & secrets** screen, click on **+ New client secret** button under **Client secrets** section:

12. In the **Add a client secret** dialog box, click the **Add** button:

It is recommended to fill in a description to identify this secret among many (as of now the limit is 2 secrets per App).

**Note**: Select this expiration date according to your company policy. Once expired, a new client secret will need to be created and specified for each email configuration where it was used previously. 13. The newly generated client secret will be visible. Copy this client secret to be used when configuring email import for DocBits

**Important:** Ensure that you have copied the client secret as the client secret will not display again once it is closed. 14. Select **Authentication** on the left panel. This will present the **Authentication** screen on the right-hand side.

15. In the **Advanced settings** section, click **Yes** for **Default client type**.

16. Click **Save** to confirm changes.

17. Select **API permissions** on the left panel. This will present the API permissions screen.

18. By default the **User.Read** permission from **Microsoft Graph** is present, leave this as is.

**Note**: This is a required permission. If this permission is not available, then add the permission with the steps mentioned below for **Mail.ReadWrite** permission. 19. Click **+ Add a permission**.This will open the **Request API permissions** panel.

20. Click **Microsoft Graph**.

21. From the two sub-categories, select **App Permissions**.

22. Type **Mail.ReadWrite** in the search box. Select the **Mail.ReadWrite** checkbox for the permission.

23. This will enable the **Add permissions** button at the bottom of the panel. Click **Add permissions**.

24. This will add the **Mail.ReadWrite** permission to the list of **Configured permissions** for the App. **Note**: Administrator permissions may be required. The administrator will have to authorize the App for using these permissions. Once authorized the granted status will be indicated as follows:

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.docbits.com/administration-and-setup/settings/document-processing/import/o365-tenant.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.