The MyTimetable Office 365 integration is able to connect to a user's calendar using the Microsoft Graph REST API. This page describes how to grant MyTimetable access to the Microsoft Graph REST API.
Determine authorization method
There are two ways to authorise MyTimetable to access calendars: application permissions or delegated permissions.
When using application permissions, MyTimetable is granted access to all calendars or a subset of calendars limited by a mail-enabled security group in advance. This means MyTimetable can setup synchronisations without further actions from the user, which is appropriate for scenarios where a synchronisation needs to be setup as soon as a user is provisioned in MyTimetable. This uses the OAuth 2 client credentials flow.
When using delegated permissions, MyTimetable is granted access when the user requests to setup a synchronisation from MyTimetable. Depending on the settings, this will also show the user a consent prompt. This scenario is appropriate when users do not need to have an active synchronisation by default, and limits the security footprint of MyTimetable. This uses the OAuth 2 authorization code flow.
Setup Azure AD application
If MyTimetable is hosted by Eveoh, our support department will supply you with an authentication certificate which you will need in step 1. If you are hosting MyTimetable on-premises, first create this certificate using the steps outlined on On-premises: creating a certificate.
When using application permissions, perform the following steps:
When using delegated permissions, perform the following steps:
In order to enable service calls to the Microsoft Graph REST API, the following information is required:
- Azure AD tenant ID
- Application (client) ID of the registered app
When using managed hosting, please send this information to the Eveoh support department. When using on-premises hosting, you will need to enter these details in the MyTimetable EC configuration.