Exchange Sync

Follow the steps below to use Microsoft Graph API instead of the historic Outlook Rest APIs.

If consent for Outlook Rest APIs was previously granted, use the same domain to grant consent to Graph API.

Grant Admin Consent

  1. Start the Token app with the appropriate URL:
    1. For a Production/Pilot environment, use
    2. For a UAT/Trial environment, use
  1. Click Grant Admin Consent and enter your Microsoft 365 Admin account credentials.
  1. When logged in, review the notes displayed on the popup window about the permissions being requested. Learn more
  1. Click Accept.
  1. Copy the Tenant ID, Organization, and TokenProvider APIKey information from the Microsoft 365 Tenant Permission Portal by clicking the copy button to the right of each field.
  1. Log out from the token application.
  2. Provide the information copied above to Condeco by your agreed method.

Authorize via Service Account

The service account is used by Condeco to manage your calendars and requires impersonation rights to all Exchange room calendars mapped in Condeco.

  1. Start the Token app with the appropriate URL:
    1. For a Production/Pilot environment, use
    2. For a UAT/Trial environment, use
  1. Click Authorize via Service Account and enter your Microsoft 365 Service Account credentials to initiate the OAuth grant process.
  2. The Microsoft 365 Tenant Permission Portal opens and displays the logged-in service account email address, tenant ID, and domain.

During the setup process, the following access to our Token Provider application is granted:

  • Sign in and read user profiles
  • Read and write calendars in all mailboxes

To restrict Condeco to access only specific room mailboxes, use the New-“ApplicationAccessPolicy” PowerShell cmdlet to configure access control. The process is described here Control access to calendars.

The Condeco Exchange Sync service uses Graph API to connect to your Microsoft 365 Exchange Service. Whilst permissions requested during authorization are for ‘all mailboxes’ Graph APIs can be used to limit access to specific mailboxes. More information from Microsoft here:

What happens next?

After granting consent, send the following information back to Condeco via the Condeco Support portal.

  • Service account username
  • Tenant ID
  • Organization
  • TokenProvider APIKey
  • Email address for one room mailbox from your room list

This information is necessary to complete the synchronization between your Condeco platform and your Microsoft Exchange service.

When Condeco has completed the onboarding process, log in to Condeco as a Global Admin and map your Exchange rooms on the Exchange room mapping page. Learn how


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Please do not use this for support questions.
Condeco Support

Post Comment