Reporter Authentication

Introduction

By default, anyone who installs your plugin can report emails to you. Neither Lucy nor the plugin consider where the report is coming from before filing it, the plugin simply forwards the email and Lucy generates a report.

If you want to restrict who can report, you can add an authentication step to the Outlook or Office 365 plugin by connecting an Azure application. General information about connecting Azure apps to Lucy can be found here, but for the plugin workflow you can follow the steps below.

For this type of deployment you must have administrator privileges in your Azure AD.

Deployment with authentication

Azure settings

Login to your Azure portal and navigate to Microsoft Entra ID (formerly Azure AD).
Navigate to App Registrations and create a New Registration.
Give the application a name.
For the organization type select Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox).
Define a Web redirect URI like so: https://<yourURL>.<tld>/oauth
Click Register.
In the application overview, click the Redirect URIs option then select Add a platform.
Select the Mobile and Desktop Applications option, enable all three of the pre-defined URIs, then click Configure.
Scroll to the bottom of the Authentication page and enable Live SDK Support and Allow Public Client Flows, then click Save.
Navigate to Certificates & secrets and create a new client secret. Give the secret a name and expiration date, then click Add.
Copy the Secret Value. Then navigate to the Overview and copy the Application (client) ID and Directory (tenant) ID as well. You will need all three values for the next steps.

Azure Settings

Login to your Azure portal and navigate to Microsoft Entra ID (formerly Azure AD).
Navigate to App Registrations and create a New Registration.
Give the application a name.
For the organization type select Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant).
Define a Web redirect URI like so: https://<yourURL>.<tld>/oauth
Click Register.
In the application overview, click the Redirect URIs option then select Add a platform.
Select the Single-page Application option and add the following two redirects:
1. https://<yourURL>.<tld>/login/login.html
2. https://<yourURL>.<tld>/new-o365/dist/index.html
Navigate to Certificates & secrets and create a new client secret. Give the secret a name and expiration date, then click Add.
Copy the Secret Value. Then navigate to the Overview and copy the Application (client) ID and Directory (tenant) ID as well. You will need all three values for the next steps.

Lucy Settings

Add the application to your Lucy server using the Application ID, Tenant ID, and Client Secret.
Navigate to Settings -> Submitted Email Settings -> Plugin Settings and configure your reporting plugin. For authentication you must enable the HTTP reporting method as well as the authentication setting:
Click Save.
Download and deploy the plugin for your mail client:
1. Outlook Native (MSI)
2. Office 365 (XML)

PreviousDeploying Gmail NextApplication Screens Reference

Last updated 1 month ago