Setting up OTP Simple Email Service (SES) on Azure for Business Continuity

You can set up the Simple Email Service (SES) on Azure. After a new mail app is registered successfully on Azure without any errors, it sets up and enables the sending of emails from an existing M365 (Office365) account. Once set up successfully, you can use this for Business Continuity for the one time password (OTP).

To set up the Simple Email Service (SES) on Azure and configure CAM for Business Continuity, complete the following steps:

• Registering a Mail Application on MS Azure

• Creating Client Secret for the Registered Mail Client

• Enabling Microsoft Graph API Application to Send Emails

• Creating M365 User and Enabling Email Services

• Configuring CAM for Business Continuity

Registering a Mail Application on MS Azure

To register a mail application on MS Azure:

1. Open the https://portal.azure.com and log into Azure.

2. In the search text box, search for App registrations and click on the App registrations.

3. Click on + New registration to create a new App Registration in Azure AD.

4. On the Register an application screen, enter a new name for your mailbox.

5. Do not make any changes to the Supported account types options.

6. Click Register. Now, after registering the new mail app, you need to create a new client secret.

Creating Client Secret for the Registered Mail Client

The client secret is an application password. These credentials enable applications to authenticate themselves.

1. On MS Azure, navigate to Certificates & secrets under the Manage section of this app.

2. Select + New client secret.

3. Enter a description for the mail client app.

4. Select the expiration period from the Expires drop-down.
   
   

   Open

   

    

5. Copy and save the generated value in a notepad file before it gets hidden. Save this to an important place.

Enabling Microsoft Graph API Application to Send Emails

To enable the Microsoft Graph API Application to Send Emails:

1. On MS Azure, navigate to API permissions under the Manage section of this app.

2. Select Add a permission --> Microsoft Graph API → Application Permissions.

3. Add Mail.Send.

4. Grant administration permissions to the Microsoft Graph API application.
   This enables the Microsoft Graph API application to send emails as a user.
   
   

Now, the Microsoft Graph API application has the required permissions to send emails. However, to send emails as a user, the Graph API also needs a user ID such as no-reply@xxxxx.xxx.

Creating M365 User and Enabling Email Services

To create a new M365 (Office365) user and enable email services:

1. Log into http://office.com.

2. On the left pane, select Admin → expand Users → Active users → Add a user.

3. Enter the mandatory details in the fields such as username: bc-no-reply@xxxxx.xxx and Display Name: Business Continuity.

4. Enter the user access to a license that includes Exchange Online such as Microsoft Teams Exploratory.

Open

Configuring CAM for Business Continuity

On the MS Azure’s App Registration Overview screen, you can find the values needed for configuring CAM for business continuity. Make a note of these values and enter them on CAM’s Azure Communication Settings page.

To configure CAM for Business Continuity (BC):

1. In CAM, click Administration → Data Sync → Content Sync Settings to navigate to the Azure Communication Settings page.

2. Enter the following values on this page: