← Microsoft setup overview
WEDGE · STEP 2 OF 2
Register the Microsoft app (Outlook + Teams)
For: whoever Kevin delegates this to (no coding needed) · Time: ~20–30 min
Do
Step 1 first (create the Microsoft account). You should be
signed in to Microsoft Entra as the admin of the new Jolly Commerce tenant before starting here.
You'll create one Microsoft "app registration" so our clients can connect their Outlook and
Teams. You create it once; every client reuses it.
✅ What to send back to Kevin
Copy these four things into a message. The secret is sensitive — send it via
1Password / a private DM, not a public channel.
- Application (client) ID — like
11111111-2222-3333-4444-555555555555
- Directory (tenant) ID — same format
- Client secret VALUE — a long random string (⚠️ shown only once — see Step D)
- Secret expiry date — the date you pick in Step D
If the site looks different, you can do the identical steps at
portal.azure.com → search “Microsoft Entra ID”.
Step A — Create the app
- At entra.microsoft.com, left menu → Entra ID →
App registrations.
- Click + New registration.
- Name:
Wedge Connectors.
- Supported account types: choose “Multiple Entra ID tenants”.
⚠️ Not “Single tenant”, and not the option that also says “Personal Microsoft accounts”.
- Redirect URI: set the platform dropdown to Web, then paste exactly:
https://mcp.wedgeai.work/oauth/microsoft/callback
- Click Register.
- On the Overview page, copy Application (client) ID and Directory (tenant) ID
(deliverables #1 and #2).
Step B — (Only if you skipped the redirect URI)
- Left menu under Manage → Authentication.
- + Add a platform → Web tile.
- Paste
https://mcp.wedgeai.work/oauth/microsoft/callback into Redirect URIs.
- Leave the Access tokens and ID tokens checkboxes unchecked.
- Click Configure.
Step C — Add the permissions
- Left menu under Manage → API permissions.
- + Add a permission → Microsoft Graph tile.
- Click Delegated permissions (NOT “Application permissions”).
- Search for and tick each of these 14, then click Add permissions:
offline_access
openid
profile
User.Read
Mail.ReadWrite
Mail.Send
Calendars.ReadWrite
Team.ReadBasic.All
Channel.ReadBasic.All
ChannelMessage.Read.All
ChannelMessage.Send
Chat.Read
Chat.ReadWrite
ChatMessage.Send
openid, profile, offline_access are under a group called “OpenId permissions”.
- Click Grant admin consent for Jolly Commerce → Yes. The Status column should turn green ✔.
Step D — Create the secret (the app’s password)
- Left menu under Manage → Certificates & secrets → Client secrets tab.
- + New client secret. Description:
wedge-prod.
- Expires: choose 24 months (the max). Write down the expiry date (deliverable #4).
- Click Add.
- ⚠️ Copy the Value immediately — the long string in the Value
column (deliverable #3). It’s shown only once; refresh the page and it’s gone forever.
Do not copy the “Secret ID” — that’s the wrong one.
Step E — Publisher verification (recommended, optional)
Adds a blue “verified” badge so clients’ IT won’t block the app. It needs a Microsoft Partner account,
so it may need Kevin. If you don’t have that, skip it and tell Kevin — it can be added later
without breaking anything.
You’re done 🎉
Send Kevin the four items from the box at the top. Double-check:
- Account type = Multiple Entra ID tenants.
- Permissions are under Delegated, and you clicked Grant admin consent.
- You copied the secret Value (not Secret ID) and saved the expiry date.
- Redirect URI is exactly
https://mcp.wedgeai.work/oauth/microsoft/callback.