Microsoft Graph integration

Microsoft has officially announced that,next year it will fully disable sending mail using account passwords (SMTP Basic Authentication). This means all systems still relying on traditional SMTP + username/password to send mail will face interruption risk.

If your system still sends via smtp.office365.com and uses regular user account passwords to send mail, this mode will soon stop working. You must complete the replacement in advance and switch to Microsoft Graph API + Azure App Registration as the modern secure architecture. This is not just a "recommendation", but a "requirement".

Below are the complete migration steps to help you create an App Registration in Azure and obtain the necessary API information for FIRST LINE.

1. Create an App Registration in Azure

This step creates a "dedicated application identity" that your system will use to authenticate to Microsoft Graph and obtain mail-sending permissions.

1. Create an App Registration

1. Sign in to the Azure Portal

2. Go to Azure Active Directory → App registrations

3. Click New registration

4. Configure:

   • Name: Your application name (e.g.: Mail Sender App)

   • Supported account types: Select "Accounts in this organizational directory only"

5. Press Register

2. Configure mail-sending permission (Mail.Send)

1. In your App go to API Permissions

2. Click Add a permission

3. Select Microsoft Graph

4. Select Application permissions(not Delegated)

5. Find Mail.Send and check

6. Press Add permissions

7. Finally perform Grant admin consent

   • This will allow the App to send mail on behalf of the organization

3. Create a Client Secret (used for your system to obtain a Token)

1. Go to Certificates & secrets

2. Click New client secret

3. Set a description and expiration

4. Immediately copy the "Value" after creation

   • This is your system's only chance to obtain the Graph API Token value

2. The three key pieces of information you will need

From the Azure App Registration Overview and Secrets you will get:

• Client ID (Application ID)

• Tenant ID

• Client Secret

Your system will use these three values to perform the OAuth 2.0 Client Credentials Flow — paste them into the corresponding mailbox account in FIRST LINE to test.