Setup strict mode OAuth connectivity with Microsoft Exchange Online

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 2 Minuten Lesedauer

    • Create a strict mode app registry for Microsoft Exchange Online with ServiceNow instance for OAuth authorization.

    Vorbereitungen

    Configure Microsoft Azure.

    Ensure that the application scope is set to Microsoft Exchange Online Spoke. Otherwise, do the following:
    1. Select the Application scope icon (Application scope to set the scope of your application.) on the Employee Center homepage.
    2. In the drop- down, select the option consisting Application scope:.
    3. In the filter navigator, search and select Microsoft Exchange Online Spoke.
    4. Refresh the page.

    Role required: admin

    Prozedur

    1. Navigate to All > System OAuth > Application Registry.
    2. Select New.
    3. Select Connect to a third party OAuth Provider
    4. On the form, fill in the fields with the specified details.
      Tabelle : 1. Third-party OAuth Provider form
      Field Description
      Name Unique name to identify the record as a strict mode record, for example, MsExchange strict mode.
      Client ID Client ID created during the app creation in Microsoft Azure.
      Client Secret The password you generated when creating the app in Microsoft Azure.
      Default Grant Type Grant type used to establish the token. Select Authorization Code.
      Authorization URL OAuth authorization code endpoint. Enter https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/authorize.
      Token URL OAuth server token endpoint. Enter https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token >.
      Redirect URL OAuth callback endpoint. The URL is automatically filled as https://<instance-name>.service-now.com/oauth_redirect.do.
    5. Right-click in the form header and select Save.
      A system-generated OAuth entity profile is created and displayed in the OAuth Entity Profiles related list. For example, MsExchange Strict mode default profile.
    6. Create a OAuth Entity Scope.
      1. In the OAuth Entity Scopes related list, select Insert a new row...
      2. Enter the name as Calendars.ReadWrite for the scope.
      3. Enter the OAuth scope as Calendars.ReadWrite.
      4. Select the Save icon.
      5. Right-click the Application Registry form header and select Save.
        The system creates the scope record. Similarly, create the following entity scopes:
        • Name: Calendars.ReadWrite.Shared

          OAuth scope: Calendars.ReadWrite.Shared

        • Name: offline_access

          OAuth Scope: offline_access

    7. Select Update.
    8. On the Application registry form, select the OAuth Entity Profiles related list.
      In the following steps, you add the OAuth Entity Scopes that you created in Step 6 to the default profile.
      1. Select the default entity profile, for example, MsExchange Strict mode default profile.
      2. On the OAuth Entity Profile form, do the following:
        1. In the OAuth Entity Profiles Scopes section, double-click Insert a new row.
        2. Select the Lookup icon (Lookup icon.).
        3. Select Calendars.ReadWrite that is assigned to the OAuth provider that you created in Step 6.
        4. Repeat the previous steps and also add the following OAuth Entity Profiles Scopes created in Step 6:
          • Calendars.ReadWrite.Shared
          • offline_access
    9. Select Update.

    Ergebnisse

    The strict mode OAuth registration is added for Microsoft Exchange Online with strict mode OAuth entity profiles and OAuth entity scopes.

    Nächste Maßnahme

    Configure the connection and credential alias. You can configure the default alias or create your own alias.

    To configure the default alias, refer to Configure strict mode Connection and Credential alias for Microsoft Exchange Online.