# EWS - Authorize the Connection 1. Enable the “Use OAuth 2.0 Authentication” checkbox in both the Incoming and Outgoing email server settings and click “Manage Token” {% hint style="info" %} Both incoming and outgoing email servers can use the same token but each must be authorized separately to establish the respective connections {% endhint %} 2. Set the following values in the OAuth Token Details form: * Type: Microsoft Graph API * Grant Type: authorization\_code * Callback URL: Error! Hyperlink reference not valid. * Authorization URL: [https://login.microsoftonline.com/{Azure Tenant ID}/oauth2/v2.0/authorize](https://login.microsoftonline.com/%7BAzure%20Tenant%20ID%7D/oauth2/v2.0/authorize) * Access Token URL: [https://login.microsoftonline.com/{Azure Tenant ID}/oauth2/v2.0/token](https://login.microsoftonline.com/%7BAzure%20Tenant%20ID%7D/oauth2/v2.0/token) * **Client ID:** Value from the Azure App Registration * **Client Secret:** The secret created for the App Registration 3. The following scopes are required: * ; * ; * ; * offline\_access\*\* {% hint style="info" %} **The following scopes must be used if you intend to use a shared mailbox** * ; * ; * ; * ; * ; * offline\_access {% endhint %} {% hint style="warning" %} Corresponding permissions for these scopes ***may*** need to be added manually to the App Registration. {% endhint %}

4. Click 'Authorize' 5. A pop up window will appear for you to enter the Exchange credentials and then authorize the connection

6. When the authorization process is complete, the popup will close. 7. The OAuth Token Details dialog should close shortly thereafter.