Help Center
Choose product document...
Veeam Backup for Microsoft Office 365 3.0
User Guide

Step 3. Specify Authentication Credentials

Depending on the authentication type that has been selected at the previous step, either of the following dialogs appears:

Basic Authentication

At this step of the wizard, do the following:

The user account must be provided in either of the following formats: user@domain.com or user@domain.onmicrosoft.com. You can also use a non-MFA enabled ADFS account.

If the Use the same credentials for SharePoint Online and OneDrive for Business checkbox is not selected, you will be offered to provide required credentials for the Microsoft SharePoint Online and OneDrive for Business organizations at the next step.

Click Next and wait for a connection to be established. Once established, the organization being added will appear in the Organizations view, under the Organizations node.

Step 3. Specify Authentication Credentials 

Modern Authentication

At this step of the wizard, do the following:

You can find this number in application settings of your Azure Active Directory, as described in this Microsoft article.

  • Choose an authentication method.

You can select either Application secret or Application certificate:

  1. In the Application secret field, enter a secret key to access your custom application.

To obtain a secret key, you will need to generate it first, as described in this Microsoft article.

Mind that a key will become hidden once you leave or refresh the page in the Azure portal. Consider saving the key to a secure location.

  1. To use a certificate, switch to the Application certificate option and click Browse to select an existing certificate or import a certificate from a .pfx file.

To be able to use a certificate, you must upload it to the Azure portal, as described in this Microsoft article.

  • In the Username field, specify your Microsoft Office 365 account name.
  • In the App password field, specify the app password that was generated upon enabling Multi-factor authentication (MFA), as described in this Microsoft article.
  • Select the Grant this account required roles and permissions checkbox to automatically assign the ApplicationImpersonation role. For more information, see Granting Roles and Permissions.
  • Select the Use the same credentials for SharePoint Online and OneDrive for Business checkbox if you want to use the same credentials to access your Microsoft SharePoint Online and OneDrive for Business data. This checkbox is only available if both organization types have been selected at the Select Organization Deployment Type step.

If the Use the same credentials for SharePoint Online and OneDrive for Business checkbox is not selected, you will be offered to provide required credentials for the Microsoft SharePoint Online and OneDrive for Business organizations at the next step.

Click Next and wait for a connection to be established. Once established, the organization being added will appear in the Organizations view, under the Organizations node.

Step 3. Specify Authentication Credentials 

Granting Roles and Permissions

When selecting the Grant this account required roles and permissions checkbox, Veeam automatically assigns the ApplicationImpersonation role, which is required to back up Microsoft Office 365 Exchange mailboxes.

Consider the following:

To hydrate an organization, Veeam uses the Enable-OrganizationCustomization cmdlet. For more information, see this Microsoft article.

  • To assign the ApplicationImpersonation role, make sure the account you are using is a member of the Organization Management group and has been granted the Role Management role upfront. Otherwise, the automatic assignment of the ApplicationImpersonation role will fail; an organization will not be added.
  • If the ApplicationImpersonation role has already been assigned earlier, this step will be skipped.
Veeam Large Logo

User Guide

RESTful API Reference

PowerShell Reference