Use Exchange Impersonation

Use Microsoft Exchange Impersonation with a service account to manage Exchange connectivity. When you use Exchange Impersonation, the user never shares their password with Connect and their Outlook password never needs to be updated in Connect Sync Options, unless the Microsoft token expires (which is rare because of the length of time specified for the token).

  • To use Connect, the Vantagepoint application must be exposed to the internet via a publicly facing URL. If your network or firewall is configured to only allow certain IP addresses to access Vantagepoint, it will be necessary to add Connect IP addresses to the Allow list. See the Troubleshoot Synchronization and Connect Add-in Issues help topic for the list of IP addresses.
  • The security role for the individual who is responsible for configuring Connect must have access to Connect Administration. In Settings > Security > Roles, on the Overview tab, make sure that Connect Administration is selected under Utilities > Integrations.
  • The individual who is responsible for configuring Connect (selecting the Connect Administration option in Utilities > Integrations), must have an employee record associated with their user record in Settings > Security > Users. The employee record must also have a valid email address.
  • Each employee who will use Connect must have an employee record that includes an email address and is associated with a user record in Settings > Security > Users.
  • Windows authentication for the on-premises application is not supported with Vantagepoint Connect.
  • You must have a Client ID and Secret in API Authorization in Utilities > Integrations. Note: You only need to generate the secret once for all integrations. If you generate a new secret any time thereafter, all current integrations using the old secret will be broken until you refresh your access token for those integrations.

To use Exchange Impersonation for a group:

  1. In the Vantagepoint Navigation pane, select Utilities > Integrations > Connect Administration.
  2. On the Connect Administration form, select the Groups tab and then click the New button.
  3. On the Create Group form, enter a Name and an External ID for the group.
    After you create the record, the ID becomes read-only.
  4. Set the Mailbox Access Type option to Microsoft Exchange Impersonation.
    This requires all users in the Connect group to use the same service account and allows the system administrator to provision many users at once.
  5. Enter the service account logon, password, and EWS URL.