Hi, this is Randy Rempel, product manager from Metalogix essentials. And I'm going to run through the OAuth authentication and registration of our app using Metalogix essentials. OAuth authentication is required to authenticate with the Microsoft Graph API and the future of content migrations into Office 365 will require calling the Microsoft Graph API.
So calling this Graph API requires an Azure directory app and you need to provide consent to allowing the AD app access to the tenant with specific permissions. I also want to talk briefly about permissions. Delegated permissions are defined in the app and the user will consent to these permissions. The app can never have more privileges than the signed in user and the privileges of the signed in user may be determined by policy or by membership in one or more administrative roles.
So you must still use a global administrator or SharePoint admin account to use the delegated permissions effectively. If you want to learn more about-- find the information on authentication and authorization basics for Microsoft Graph, please go to the URL that I've included here.
So now, I'm going to run through the steps to install or to set up an OAuth authentication and register our app. I've already gone in to Profile Manager and I'll scroll down to the bottom here to where we have the OAuth options. I'm going to already check the use OAuth and then I'll add in the global admin and password.
So unlike content matrix, there isn't a URL that I'm adding in here. But I will click authenticate app manually. I'm going to copy the URL here. I usually open up a incognito window. And I'm going to get the code from this dialogue box. Click next, my account. Then I can see the permissions. Make this a little bigger for everyone to see. You'll see more permissions listed here than you did for the content matrix permissions. Rest assured that they are essentially the same permissions. The difference here is that they added in a lot more permissions for read access.
But the top level permissions are all here in play. So what we are going to do is make some changes so that the permissions are matched between content matrix and essentials in the future. You can consent on behalf of your organization here. So if you accept, this app will get access to the specified resources for all users in your organization. No one else will be prompted to review these permissions. Click accept. So now, I can close this window, close this window, close this window.