Microsoft’s OAuth is used to access and Office 365 address books. also includes, and associated internationalized email addresses.

After you follow these steps, your users will see your domain in the Microsoft Authentication window instead of ours.

  1. If you haven’t already done so, create a Proxy URL on your application’s domain.
  2. Go to App Registrations in the Azure Portal.
  3. Click on New registration and complete the “Register an application” form:
    • Name: Enter the name of your app,
    • Supported account types: choose “Accounts in any organizational directory and personal Microsoft accounts”. This is an important step. Without the correct selection, you will be limited by who is able to share their contacts based on the type of Microsoft account they have.
    • Redirect URI: enter the public URL of your Proxy URL from Step 1.
    • Click Register to create the registration. You should be redirected to the new App registration.
  4. Click on Manage > Branding in the App registrations side menu. This page lets you specify what the user will see and input your branding details:
    • Upload your logo, paying close attention to Microsoft’s requirements for image format and size. This is considered best practice since it creates a visual cue for users as they are being asked to share their information.
    • Enter the URLs for your Home page, Terms of Service and Privacy Statement. These pages are linked to from the OAuth consent page.
    • Verify your Publisher Domain:
      • Click Configure a domain or Update domain (depending on which is visible)
      • Select the Verify a new domain tab, if it is visible.
      • Publisher Domain: Enter your application’s domain.
      • Upload the JSON content to the location specified on the form.
      • Click “Verify and save domain”.
    • Save your branding changes.
  5. Add API permissions:
    • Click on Manage > API permissions in the App registrations side menu.
    • Click on Add a permission to open the permissions selector.
    • Click on Microsoft Graph
    • Click on Delegated permissions
    • Find and select Contacts.Read in the list.
    • Click Add permissions.
  6. Get your client secret:
    • Click on Manage > Certificates & secrets in the App registrations side menu.
    • Click on New client secret
    • Enter a Description for the secret, e.g. CloudSponge
    • Select “Never” for the Expires value.
    • Click Add.
  7. Add your OAuth credential to CloudSponge:
    • Sign in to your CloudSponge account and Add OAuth Credential from your keys page.
    • Enter the Client ID and Client Secret that you recorded above, and the Redirect URI where you created the CloudSponge Proxy in step 1 above.
    • To associate the branding with your site: click Sites, click the Assign OAuth button beside your site and choose the new branding in the dropdown.
  8. Phew! You are done! Now you can test your connection to on your site to verify that the OAuth flow correctly reflects your branding.

You can learn more about Microsoft’s Application Registration Portal here.

Try CloudSponge for free in your
testing environment

Get a Free Sandbox Account

Have a questions or prefer a guided tour?
Schedule a consultation with our Founder.