How to enable Azure OAuth 2 integration for Outlook calendar sync
Why enable OAuth 2 integration for Outlook calendar sync?
Enabling OAuth 2 integration allows users to sync their assigned LibStaffer shifts with their Outlook calendars, making it easy for them to know their work schedules without having to log into LibStaffer. By default, LibStaffer requires users to enter their server address, username, password, and email address in order to facilitate Outlook calendar sync.
By contrast, OAuth 2 integration doesn't require users to enter any account information directly into LibStaffer. Instead, they will simply need to log into their Outlook accounts and give the LibStaffer app authorization to write events to their calendars. Not only is this the most secure way of enabling calendar sync with Outlook, it's by far the most convenient. Once authorized, users can choose to stop syncing at any time by simply revoking the authorization in their LibStaffer account settings. (Admins also have the option to disable the app integration for all users, if desired.)
- Step 1. An Admin user will need to register the LibStaffer app with Microsoft for your organization. You may want to ask the appropriate IT staff member do this, though it may not be required for your organization.
- Registering an app is what allows you to enable syncing for your LibStaffer system.
- The LibStaffer app requires only the Calendar.ReadWrite and User.Read permissions to be granted. No other account permissions are needed by LibStaffer.
- The person registering the app can user either their organizational Exchange/Office 365 account, or a personal Outlook/Microsoft account.
- Step 2. Once the app has been registered, a LibStaffer admin will need to enter the Application ID and Application Secret (provided during the registration process) in your LibStaffer integration settings.
- Step 3. After the integration has been set up and enabled, users will be able to individually authorize syncing within their LibStaffer account settings.
Before you can enable Outlook calendar sync via OAuth 2 for your LibStaffer system, you must first register the LibStaffer app for your organization. Although you may prefer to ask a member of your IT staff to do this step, it is not required. Once the app has been registered, you will receive a unique Application ID and Application Secret, which LibStaffer needs in order for OAuth 2 sync to work. This step only needs to be done once.
The first part of this step is to obtain your system's Redirect URL. A LibStaffer admin will need to do this part.
- Log into LibStaffer and go to Admin > Integrations.
- In the Azure AD OAuth 2 box, you'll find the Redirect URL for your system.
- If you will be completing the app registration yourself, leave this page open in a separate browser tab. You'll need to copy and paste this URL during the registration process.
- Otherwise, provide this URL to the person completing the app registration.
B. Registering the app
The person who will be registering the app for your organization will complete the following steps.
- Sign into the Microsoft Application Registration Portal using your Microsoft account.
- On the My Applications page, click on the Add an app button.
- In the Application Name field, enter a name for the application (e.g. "LibStaffer sync").
- Do not enable the "Let us help you get started" checkbox for Guided Setup.
- Click the Create button.
- On the Registration page, under Properties, copy the unique Application Id for your new app. You'll need to enter this in your LibStaffer Integrations settings.
- Under Application Secrets, click on the Generate New Password button.
- This will display a window containing a new, unique password for your app.
- This password will only display once: copy the password and keep it with your Application Id. This will also need to be entered in your LibStaffer Integrations settings.
- Although you will not be able to view that password again, don't worry: you can always generate a new one to use instead.
- Under Platforms, click on the Add Platform button.
- In the Add Platform window that appears, click on the Web option.
- A Web box will display on the registration page. In the Redirect URLs field, enter the Redirect URL obtained from LibStaffer (see Step 1A above).
- Under Microsoft Graph Permissions, click on the Add button next to Delegated Permissions.
- In the Select Permission window, select the checkbox next to Calendars.ReadWrite.
- Click the Ok button.
- Under the Profile section, you can optionally customize what users will see on the app authorization page (i.e. when an individual user authorizes LibStaffer sync for their calendar). These options are not required.
- At the bottom of the page, click the Save button.
- Once saved, be sure to provide the Application ID and Application Password to the LibStaffer admin so they can enter it into LibStaffer to enable the app (see Step 2 below).
Once the Application ID and Application Password have been obtained during the app registration process, the LibStaffer Admin will use these to enable syncing for their LibStaffer system.
- Log into LibStaffer and go to Admin > Integrations.
- In the Azure AD OAuth 2 box, enter the Application ID obtained during the app registration process.
- In the Application Secret field, enter the Application Password obtained during the app registration process.
- Set the Enable Calendar Sync with Azure AD OAuth 2 option to Enabled to allow users to set up syncing with their calendars.
- You can return to this page at any time to disable syncing system-wide.
- Click the Save Settings button.
With OAuth 2 calendar sync enabled in your LibStaffer Integrations settings, all users will now be able to start syncing their LibStaffer shifts with their Outlook calendars.
- Click on your email address in the orange nav bar to access your personal account settings.
- On the Manage Account page, click on the Outlook/Exchange tab.
- In the OAuth 2 Authorization box, click on the Authorize with Microsoft Account button.
- Don't see this option? A yellow alert message will indicate if OAuth 2 Authorization is not currently set up or enabled for your system. Please contact your LibStaffer admin for assistance, or use the legacy Password Authentication method.
- You will be taken to the sign-in page for your Microsoft account. Enter your Outlook username and password to log in.
- When prompted, click Yes to grant permissions for the LibStaffer app to read your profile and write events to your calendar.
- These permissions are required in order for LibStaffer to create, edit, and delete events for your scheduled shifts.
- This only needs to be done once for your account, unless you revoke these permissions in your Microsoft account settings.
- You'll be taken back to your LibStaffer Outlook/Exchange settings. In the OAuth 2 Authorization box, select which calendar to which you want to sync your shifts.
- Click the Save Calendar button.
- You can return to this page at any time to disable syncing. Simply click the Remove Authorization button and shifts will no longer be synced to your calendar.