An Office 365 Administrator is required to perform the following step to enable a PhixFlow instance to interact with Microsoft Office 365 Outlook.

1. Open the Microsoft Entra Admin Center at https://entra.microsoft.com/#home
2. Select Applications → App Registrations
3. Click New Registration
   1. Name: PhixFlow O365 Integration, or another appropriate value
   2. Supported Account types: Choose Accounts in this organizational directory only
   3. Redirect URI:
      1. Select a Platform: Web 
      2. URL: SystemURL+receiveTokenAuthentication.htm
         e.g. http://phixflowhost.com/phixflow/receiveTokenAuthentication.htm
4. Click Register
5. Take a note of the Application (client ID)
6. Click Add a certificate or secret
7. Click New client secret
   1. Give the certificate a name
   2. Set the expires time, after which the secret has to be refreshed. Either use the default 180 days, or pick an alternative value such as 730 days.
      1. Ensure you create a new the secret before it expires.
   3. Press Add
   4. Take a note of the value, this is the Client Secret 

1. Configure the application in Azure, Google Developer or similar
   1. https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth
   2. https://learn.microsoft.com/en-us/power-platform/admin/connect-gmail-oauth2
2. Configuration parameters
3. The application type is Web
4. The redirect URL is yourPhixFlowInstance/receiveTokenAuthentication.htm
   1. For example, http://phixflowhost.com/phixflow/receiveTokenAuthentication.htm

1. Set the Client ID to the value obtained from Entra
2. Set the Client Secret to the value obtained from Entra
3. Set the Base URL to https://login.microsoftonline.com/common/ or https://login.microsoftonline.com/{tenantId}
   1. For example https://login.microsoftonline.com/MyCompany.com/
4. Set the Scopes to: user.read mail.read mail.send mail.read.shared mail.send.shared openid email offline_access
5. Leave Identity Claim blank
6. Enable Supports Inbound Email and Supports Outbound Email

1. Set the Client ID to the value obtained from Azure/Google
   1. You may require assistance from your IT Team for this
2. Set the Client Secret to the value obtained from Azure/Google
3. Set the Auth URL to https://accounts.google.com/o/oauth2/v2/auth?prompt=&access_type=offline
   1. For tokens to auto renew set access_type=offline as a parameter in the URL
   2. Set the Token URL to https://oauth2.googleapis.com/token
   3. Set the Scopes to https://mail.google.com/

For an inbound email account:

1. Set the Protocol to Microsoft
2. After setting the Authorisation Type, set the Login to the account email address 
3. Set the On Email Received
4. Select your Client Token Configuration
5. Click  Authenticate Email Account to perform the authentication process which provides access to your Microsoft account

1. Set Authorisation Type to OAuth2
2. Select your Client Token Configuration
3. Click Authenticate Email Account to perform the authentication process which provides access to your Google account
   1. POP, IMAP, and SMTP settings for Outlook.com - Microsoft Support
   2. For POP Outlook add to the properties mail.pop3s.auth.xoauth2.two.line.authentication.format=true