# Prerequisites

{% hint style="info" %}
The Mail User account and related email address may be used for sending and receiving email.  **Alemba recommends configuring a shared mailbox for this purpose.**  

* Users can be created and managed in the Microsoft 365 Admin Center.  <https://admin.microsoft.com/AdminPortal/Home?#/users>
* Shared Mailboxes are created in the Exchange Admin Center:  <https://admin.exchange.microsoft.com/#/mailboxes>
  {% endhint %}

## Authorizing User&#x20;

1. A user account with a valid mail license used for authentication with EWS \
   e.g. Office 365 E3&#x20;

{% hint style="warning" %}
The user must be able to login to authorize the EWS connection and must be delegated permissions to send and receive emails using the specified email address. Email Address for Send and Receive&#x20;
{% endhint %}

<figure><img src="https://content.gitbook.com/content/hlW9jKl7dcDggHAPhNU9/blobs/fM3eG37vTCIYDkIrd9HA/Screen%20Shot%202022-11-09%20at%2011.40.10%20AM.png" alt=""><figcaption></figcaption></figure>

## Email Address for Send and Receive&#x20;

<figure><img src="https://content.gitbook.com/content/hlW9jKl7dcDggHAPhNU9/blobs/RpBufxEg12Yzh7yqYNCW/Screen%20Shot%202022-11-09%20at%2011.45.37%20AM.png" alt=""><figcaption></figcaption></figure>

<figure><img src="https://content.gitbook.com/content/hlW9jKl7dcDggHAPhNU9/blobs/mtz7ydblI0Z9jyZj4hsN/Screen%20Shot%202022-11-09%20at%2011.46.10%20AM.png" alt=""><figcaption></figcaption></figure>

Allow the “**Authorizing User**” to “**Read and Manage**” and “**Send as**” the Shared Mailbox using “***Manage mailbox delegation***”

<figure><img src="https://content.gitbook.com/content/hlW9jKl7dcDggHAPhNU9/blobs/TW6e0JlX60oisKMsmxdC/Screen%20Shot%202022-11-09%20at%2011.46.43%20AM.png" alt=""><figcaption></figcaption></figure>

## Azure App Registration&#x20;

1. Register an application in Azure for a Web type client. This is used to authorize the connection from ASM to EWS&#x20;

Details on how to create an app registration can be found here: &#x20;

{% embed url="<https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth?redirectedfrom=MSDN#register-your-application>" %}

2. Add [web redirect url ](https://docs.alemba.com/asm/asm-hermes/setup-and-configure-asm/setting-up-your-system/setup-email/setting-up-incoming-and-outgoing-email/configuring-exchange-web-services-ews/prerequisites/web-redirect-url-configuration)to the app registration
3. Create a [client secret](https://docs.alemba.com/asm/asm-hermes/setup-and-configure-asm/setting-up-your-system/setup-email/setting-up-incoming-and-outgoing-email/configuring-exchange-web-services-ews/prerequisites/creating-an-azure-client-secret) for the app registration. Make a note of the secret and keep it secure. You will need it later.&#x20;

## Configure ASM&#x20;

Ensure the ASM web site has a https binding with a valid [SSL certificate](https://docs.alemba.com/asm/asm-hermes/integrate/managing-integration/single-sign-on-using-saml/ssl-binding). This is required for the web redirect url.

Enable “Email OAuth 2.0 Support” in the [Preview Features/Advanced](https://docs.alemba.com/asm/asm-hermes/setup-and-configure-asm/configuring-your-system/system-administration-settings/preview-features-advanced-options) Features of system admin. You may need to log out for the changes to take effect.&#x20;