Setting up the Azure Application
The Application provides authentication and access details that the plugin will use to access user data
Each user in Mattermost will need to allow the plugin to access their Calendar so it can track the user's status. The following steps create an Azure application that will be used with the plugin on Mattermost.
Sign into portal.azure.com using an admin Azure account. Then navigate to Azure Active Directory, then Navigate to App Registrations
Click
New registration
button at the top of the page.Fill out the form with the following values:
- Name (Customizable):
Mattermost MS Calendar Plugin
- Supported account types: Default value (Single tenant)
- Redirect URI:
https://(MM_SITE_URL)/plugins/com.mattermost.mscalendar/oauth2/complete
Replace
(MM_SITE_URL)
with your Mattermost server's Site URL. Then submit the form by clicking Register
.
We will now create the client secret which is used by the plugin to prove it's identity to Azure.
Navigate to
Certificates & secrets
in the left pane.Click
New client secret
. Then click Add
, and copy the new secret on the bottom right corner of the screen. Save this Value somewhere (You will be able to access it later though). We'll use this value later in the Mattermost admin console.
Navigate to
API permissions
in the left pane.Click
Add a permission
, then click Microsoft Graph
in the right pane.Click
Delegated permissions
, and scroll down to select the following permissions:- Calendars.ReadWrite
- Calendars.ReadWrite.Shared
- MailboxSettings.Read
Submit the form by clicking
Add permissions
at the bottom.Afterwards, add application permissions by clicking
Add a permission
-> Microsoft Graph
-> Application permissions
. Select the following permissions:- Calendars.Read
- MailboxSettings.Read
- User.ReadAll
Submit the form by clicking
Add permissions
at the bottom.These are all the permissions that should be set for the Application at this point:

This step makes the process smoother for your end-users by accepting on their behalf that the application will be able to access their accounts - so they don't need to grant consent themselves. They will still need to connect their accounts in Mattermost, but the user will not be prompted to explicitly grant access to their accounts.
Click
Grant admin consent for...
to grant the permissions for the application. Finally, copy all the required strings to complete the configuration of the plugin on Mattermost next.
Copy the
Client ID
and Tenant ID
from the Azure portal