Organizations with Modern Authentication and Legacy Protocols
You can add Microsoft 365 organizations using modern authentication and MFA-enabled service account with enabled legacy protocols.
Request
POST https://<hostname>:4443/v6/Organizations |
Request Headers
The request header must contain an authorization token of the current session.
Request Parameters
None.
Request Body
The request body must contain the following properties:
Property | Type | Description |
|---|---|---|
type | string | Specifies the type of the organization you add. The following types are available:
|
region | string | Specifies Microsoft Azure region. The following values are available:
|
isExchangeOnline | boolean | Defines whether to add an Exchange Online organization. |
isSharePointOnline | boolean | Defines whether to add a SharePoint Online organization. |
isTeamsOnline | boolean | Defines whether the added organization uses Microsoft Teams. If set to true, indicates that you will be able to back up Microsoft Teams data for this organization. |
isTeamsChatsOnline | boolean | Defines whether the added organization uses team chats. Backup of team chats using Protected APIs in Microsoft Teams is not supported for Microsoft 365 organizations with modern authentication and legacy protocols. You must set this property to false. Note: This property is available starting from Veeam Backup for Microsoft 365 version 6a (build 6.1.0.222). |
exchangeOnlineSettings | Specifies the ExchangeOnlineSettings object. | |
sharePointOnlineSettings | Specifies the SharePointOnlineSettings object. |
Property | Type | Description |
|---|---|---|
account | string | Specifies the user account with enabled multi-factor authentication (MFA). |
password | string | Specifies the password for the specified user. |
grantAdminAccess | boolean | Defines whether to grant administrative permissions. |
useMfa | boolean | Defines whether to use multi-factor authentication. |
applicationId | string | Specifies the identification number of the Azure AD application that you want to use to access your Microsoft 365 organization. |
applicationSecret | string | Specifies the application secret for the specified Azure AD application. Use either applicationSecret or applicationCertificate. |
applicationCertificate | string | Specifies the Base64 string of an SSL certificate that you want to use to access the Azure AD application. Use either applicationSecret or applicationCertificate. For more information on how to obtain a Base64 string, see Converting Certificate to Base64 String. |
applicationCertificatePassword | string | Specifies the password for the specified certificate. |
sharePointOnlineSettings Objects
Property | Type | Description |
|---|---|---|
account | string | Specifies the user account with enabled multi-factor authentication (MFA). |
password | string | Specifies the password for the specified user. |
grantAdminAccess | boolean | Defines whether to grant administrative permissions. |
useMfa | boolean | Defines whether to use multi-factor authentication. |
applicationId | string | Specifies the identification number of the Azure AD application that you want to use to access your Microsoft 365 organization. |
applicationSecret | string | Specifies the application secret for the specified Azure AD application. Use either applicationSecret or applicationCertificate. |
applicationCertificate | string | Specifies the Base64 string of an SSL certificate that you want to use to access the Azure AD application. Use either applicationSecret or applicationCertificate. For more information on how to obtain a Base64 string, see Converting Certificate to Base64 String. |
applicationCertificatePassword | string | Specifies the password for the specified certificate. |
Converting Certificate to Base64 String
If you want to use a certificate to access an Azure AD application, you must provide the certificate as a Base64 string. To obtain a Base64 string, perform the following steps:
- Get the certificate content from a PFX file.
- Convert the certificate to a Base64 string.
To do this, you can use the following PowerShell cmdlets:
$pfx_cert = get-content '<path_to_cert>' -Encoding Byte [System.Convert]::ToBase64String($pfx_cert) | Out-File '<path_to_file>' |
where:
- <path_to_cert> — path to the PFX file that you want to convert to a Base64 string.
- <path_to_file> — path to a file that that will contain the resulting Base64 string. You will be able to copy the Base64 string from the file and provide the string in the body of a request to Veeam Backup for Microsoft 365 REST API.
For example:
$pfx_cert = get-content 'C:\cert.pfx' -Encoding Byte [System.Convert]::ToBase64String($pfx_cert) | Out-File 'C:\base64.txt' |
Request Example
Request: POST https://abc.tech.local:4443/v6/Organizations
Request Header: Authorization: Bearer <Access-Token> Request Body: { "type": "Office365", "region": "Worldwide", "isExchangeOnline": true, "isSharePointOnline": true, "isTeamsChatsOnline": false, "sharePointOnlineSettings": { "account": "administrator@abc.onmicrosoft.com", "password": "password", "grantAdminAccess": true, "useMfa": true, "applicationId":"63caebf0-2624-48d0-9ece-de1db611dc98", "applicationSecret":"5dHpLX5UWMMiPb+wUF+0dD980Dc5rWevYeVTU18c5TE=" }, "exchangeOnlineSettings": { "account": "administrator3@abc.onmicrosoft.com", "password": "password", "grantAdminAccess": true, "useMfa": true, "applicationId":"63caebf0-2624-48d0-9ece-de1db611dc98", "applicationSecret":"5dHpLX5UWMMiPb+wUF+0dD980Dc5rWevYeVTU18c5TE=" } } |
Response
The server returns the following response to the client.
Response Codes
A successfully completed operation returns a response code 200 OK.
Response Headers
The response to this request contains the following headers. The response may also include additional standard HTTPS headers.
Header | Description |
|---|---|
Content-length | The length of the response body. |
Content-type | The media type and syntax of the response body message: application/json; charset=utf-8 |
Response Body
The response body contains the following properties:
Property | Type | Description |
|---|---|---|
exchangeOnlineSettings | object | Specifies the configuration of the Exchange Online organization. |
sharePointOnlineSettings | object | Specifies the configuration of the SharePoint Online organization. |
type | string | Specifies the type of the organization. The following types are available:
|
region | string | Specifies the Microsoft Azure region. |
isExchangeOnline | boolean | Defines whether the Exchange Online organization is added. |
isSharePointOnline | boolean | Defines whether the SharePoint Online organization is added. |
isTeamsOnline | boolean | Defines whether the added organization uses Microsoft Teams. If set to true, indicates that you will be able to back up Microsoft Teams data for this organization. |
isTeamsChatsOnline | boolean | Defines whether the added organization uses team chats. Backup of team chats using Protected APIs in Microsoft Teams is not supported for Microsoft 365 organizations with modern authentication and legacy protocols. This property must be set to false. Note: This property is available starting from Veeam Backup for Microsoft 365 version 6a (build 6.1.0.222). |
id | string | Specifies the identification number of the Microsoft 365 organization. |
name | string | Specifies the name of the organization in Veeam Backup for Microsoft 365. |
officeName | string | Specifies the Microsoft 365 Online name. |
isBackedup | boolean | Define if the organizations has backups. |
firstBackuptime | string | Specifies when the first backup was created for the organization. |
lastBackuptime | string | Specifies when the last backup was created for the organization. |
_links | Dictionary of string [key] and Object [value] | Links to related resources (navigation property). |
Response Example
Response: 200 OK
Response Body: { "isTeamsOnline": true, "isTeamsChatsOnline": false, "exchangeOnlineSettings": { "useApplicationOnlyAuth": false, "officeOrganizationName": "abc.onmicrosoft.com", "account": "administrator@abc.onmicrosoft.com", "grantAdminAccess": true, "useMfa": true, "applicationId": "63caebf0-2624-48d0-9ece-de1db611dc98" }, "sharePointOnlineSettings": { "useApplicationOnlyAuth": false, "officeOrganizationName": "abc.onmicrosoft.com", "sharePointSaveAllWebParts": false, "account": "administrator@abc.onmicrosoft.com", "grantAdminAccess": true, "useMfa": true, "applicationId": "63caebf0-2624-48d0-9ece-de1db611dc98" }, "type": "Office365", "region": "Worldwide", "isExchangeOnline": true, "isSharePointOnline": true, "id": "7f9a9b85-50e7-4f61-8f76-6a9517b8677d", "name": "abc.onmicrosoft.com", "officeName": "abc.onmicrosoft.com", "isBackedup": false, "_links": { "self": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d"}, "jobs": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/jobs"}, "groups": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/groups"}, "users": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/users"}, "sites": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/sites"}, "usedRepositories": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/usedRepositories"} }, "_actions": {} } |