Before you configure
PIM to use the Azure SMTP Client mail flow provider, you need to add and configure a
PIM Email application registration within your instance of Azure AD. This provides
PIM's system mailbox logon with a refreshable authentication token.
Prerequisites: Before you configure your
PIM system to use the Azure SMTP Client mail provider, ensure you have read the information in the
Preparation topic.
To add and configure the
PIM Email app registration in Azure AD:
-
Go to the Azure portal by visiting
https://portal.azure.com.
-
Select
Azure Active Directory.
-
In the left-hand menu, from the
Manage menu, select
App registrations.
-
On the App Registrations screen, click
+ New registration.
-
On the Register an Applications screen, do the following:
-
In the
Name field, enter
Deltek PIM Email.
-
Under Supported account types, select
Accounts in this organization directory only.
-
Under Redirect URI (Optional), select
Web, and then enter your customer URL followed by the relative redirection endpoint:
XWeb/Security/IdentityProviderCallback.ashx?provider=Microsoft&applicationType=Email
For example, the URL will look like this:
https://yourPIMsitename.yourDomain.com/XWeb/Security/IdentityProviderCallback.ashx?provider=Microsoft&applicationType=Email
-
Click
Register to create and save the application.
-
From the Manage menu, select
Authentication.
-
On the Authentication screen, under Redirect URIs (which you populated in step 5), do the following:
-
In the Implicit grant and hybrid flows section, select both the
Access tokens (used for implicit flows) and
ID tokens (used for implicit and hybrid flows) options.
-
In the Supported account types section, select the
Accounts in this organizational directory only option.
-
In the Advanced Settings section, under Allow public client flows, set the
Enable following mobile and desktop flows option to No.
-
From the App Registrations menu, select Certificates & Secrets, and do the following:
-
On the Certificates and Secrets screen, navigate to the Client Secrets tab and click
+ New client secret.
-
In the
Description field, enter
Deltek PIM Email.
-
Under Expires, Deltek recommends that you select
24 Months. Alternatively, click
Custom to set a custom expiration timeframe that suits your organization's requirements.
If you choose a shorter timeframe from the recommended 24 months, you should schedule a calendar reminder to renew the secret at least one month prior to the expiration date to prevent login errors from occurring.
-
Click
Add to generate the secret value.
To save time later, click the clipboard icon next to the secret and paste it into a text file. This value is required when you configure the Azure SMTP provider in
PIM.
-
From the App Registrations menu, select API Permissions, and then do the following:
If you have already registered with a Microsoft Graph > User.read delegated permission, you can skip this step.
-
Click
Add a Permission.
-
In the right-hand panel, under the Microsoft's APIs tab, select
Microsoft Graph.
This option displays as a large tile at the top of the list.
-
Select the
Delegated Permissions type.
-
Use the
Select Permissions filter to find and select the following permissions: Offline Access, OpenID, Profile, and SMTP Send.