Step 4. Specify Azure AD Application Credentials
At this step of the wizard, specify credentials for Azure AD application that you want to use to access your Microsoft 365 resources.
To specify Azure AD application credentials, do the following:
- In the Application ID field, specify an identification number of your Azure AD application.
You can find this number in an application settings in your Azure Active Directory. For more information, see this Microsoft article.
- Select an Azure AD application authentication type. You can select either Application secret or Application certificate:
- To use a secret key, select the Application secret option and enter a secret key in the field nearby to access your custom application.
To obtain a secret key, you will need to generate it first. For more information on how to generate a secret key, see this Microsoft article.
Keep in mind that a key will become hidden once you leave or refresh the page in the Azure portal. Consider saving the key to a secure location.
- To use a certificate, select the Application certificate option and click Install. For more information, see Installing SSL Certificates.
Keep in mind that you must upload a certificate file to the Azure portal beforehand. For more information, see this Microsoft article.
- In the Username and App password fields, specify Exchange Online credentials of your Microsoft 365 organization.
You must provide a user account in one of the following formats: email@example.com or firstname.lastname@example.org. If you are using an ADFS account, you can only use a non-MFA enabled ADFS account.
- Select the Grant this account required roles and permissions check box to automatically assign the ApplicationImpersonation role. This role is required to back up Microsoft 365 Exchange mailboxes.
To assign the ApplicationImpersonation role, make sure the account that you use is a member of the Organization Management group and has been granted the Role Management role in advance.
- Select the Use the same credentials for SharePoint Online, OneDrive for Business and Microsoft Teams check box if you want to use the same credentials to access your SharePoint Online, OneDrive for Business and Microsoft Teams organizations. This check box is only available if these organization types have been selected at the Select Organization Deployment Type step.
If the Use the same credentials for SharePoint Online, OneDrive for Business and Microsoft Teams check box is not selected, you will be offered to provide required credentials for the SharePoint Online, OneDrive for Business and Microsoft Teams organizations at the Specify SharePoint Online, OneDrive for Business and Microsoft Teams Credentials step.