Organizations with Modern Authentication and Legacy Protocols

You can add Microsoft 365 organizations using modern authentication and MFA-enabled service account with enabled legacy protocols.

Request

POST https://<hostname>:4443/v6/Organizations

Request Headers

The request header must contain an authorization token of the current session.

Request Parameters

None.

Request Body

The request body must contain the following properties:

Property

Type

Description

type

string

Specifies the type of the organization you add. The following types are available:

  • Office365
  • OnPremises
  • Hybrid

region

string

Specifies Microsoft Azure region. The following values are available:

  • Worldwide
  • USGovernment
  • Germany
  • China
  • USDefence

isExchangeOnline

boolean

Defines whether to add an Exchange Online organization.

isSharePointOnline

boolean

Defines whether to add a SharePoint Online organization.

isTeamsOnline

boolean

Defines whether the added organization uses Microsoft Teams.

If set to true, indicates that you will be able to back up Microsoft Teams data for this organization.

isTeamsChatsOnline

boolean

Defines whether the added organization uses team chats.

Backup of team chats using Protected APIs in Microsoft Teams is not supported for Microsoft 365 organizations with modern authentication and legacy protocols.

You must set this property to false.

Note: This property is available starting from Veeam Backup for Microsoft 365 version 6a (build 6.1.0.222).

exchangeOnlineSettings

exchangeOnlineSettings Object

Specifies the ExchangeOnlineSettings object.

sharePointOnlineSettings

sharePointOnlineSettings Objects

Specifies the SharePointOnlineSettings object.

exchangeOnlineSettings Object

Property

Type

Description

account

string

Specifies the user account with enabled multi-factor authentication (MFA).

password

string

Specifies the password for the specified user.

grantAdminAccess

boolean

Defines whether to grant administrative permissions.

useMfa

boolean

Defines whether to use multi-factor authentication.

applicationId

string

Specifies the identification number of the Azure AD application that you want to use to access your Microsoft 365 organization.

applicationSecret

string

Specifies the application secret for the specified Azure AD application.

Use either applicationSecret or applicationCertificate.

applicationCertificate

string

Specifies the Base64 string of an SSL certificate that you want to use to access the Azure AD application.

Use either applicationSecret or applicationCertificate.

For more information on how to obtain a Base64 string, see Converting Certificate to Base64 String.

applicationCertificatePassword

string

Specifies the password for the specified certificate.

sharePointOnlineSettings Objects

Property

Type

Description

account

string

Specifies the user account with enabled multi-factor authentication (MFA).

password

string

Specifies the password for the specified user.

grantAdminAccess

boolean

Defines whether to grant administrative permissions.

useMfa

boolean

Defines whether to use multi-factor authentication.

applicationId

string

Specifies the identification number of the Azure AD application that you want to use to access your Microsoft 365 organization.

applicationSecret

string

Specifies the application secret for the specified Azure AD application.

Use either applicationSecret or applicationCertificate.

applicationCertificate

string

Specifies the Base64 string of an SSL certificate that you want to use to access the Azure AD application.

Use either applicationSecret or applicationCertificate.

For more information on how to obtain a Base64 string, see Converting Certificate to Base64 String.

applicationCertificatePassword

string

Specifies the password for the specified certificate.

Converting Certificate to Base64 String

If you want to use a certificate to access an Azure AD application, you must provide the certificate as a Base64 string. To obtain a Base64 string, perform the following steps:

  1. Get the certificate content from a PFX file.
  2. Convert the certificate to a Base64 string.

To do this, you can use the following PowerShell cmdlets:

$pfx_cert = get-content '<path_to_cert>' -Encoding Byte

[System.Convert]::ToBase64String($pfx_cert) | Out-File '<path_to_file>'

where:

For example:

$pfx_cert = get-content 'C:\cert.pfx' -Encoding Byte

[System.Convert]::ToBase64String($pfx_cert) | Out-File 'C:\base64.txt'

Request Example

Request:

POST https://abc.tech.local:4443/v6/Organizations

 

Request Header:

Authorization: Bearer <Access-Token>

Request Body:

{  

   "type": "Office365",

   "region": "Worldwide",

   "isExchangeOnline": true,

   "isSharePointOnline": true,
   "isTeamsOnline": true,

   "isTeamsChatsOnline": false,

   "sharePointOnlineSettings": {

     "account": "administrator@abc.onmicrosoft.com",

     "password": "password",

     "grantAdminAccess": true,

     "useMfa": true,

     "applicationId":"63caebf0-2624-48d0-9ece-de1db611dc98",

    "applicationSecret":"5dHpLX5UWMMiPb+wUF+0dD980Dc5rWevYeVTU18c5TE="

   },

   "exchangeOnlineSettings": {

     "account": "administrator3@abc.onmicrosoft.com",

     "password": "password",

     "grantAdminAccess": true,

     "useMfa": true,

     "applicationId":"63caebf0-2624-48d0-9ece-de1db611dc98",

     "applicationSecret":"5dHpLX5UWMMiPb+wUF+0dD980Dc5rWevYeVTU18c5TE="

   }

}

Response

The server returns the following response to the client.

Response Codes

A successfully completed operation returns a response code 200 OK.

Response Headers

The response to this request contains the following headers. The response may also include additional standard HTTPS headers.

Header

Description

Content-length

The length of the response body.

Content-type

The media type and syntax of the response body message: application/json; charset=utf-8

Response Body

The response body contains the following properties:

Property

Type

Description

exchangeOnlineSettings

object

Specifies the configuration of the Exchange Online organization.

sharePointOnlineSettings

object

Specifies the configuration of the SharePoint Online organization.

type

string

Specifies the type of the organization. The following types are available:

  • Office365
  • OnPremises
  • Hybrid

region

string

Specifies the Microsoft Azure region.

isExchangeOnline

boolean

Defines whether the Exchange Online organization is added.

isSharePointOnline

boolean

Defines whether the SharePoint Online organization is added.

isTeamsOnline

boolean

Defines whether the added organization uses Microsoft Teams.

If set to true, indicates that you will be able to back up Microsoft Teams data for this organization.

isTeamsChatsOnline

boolean

Defines whether the added organization uses team chats.

Backup of team chats using Protected APIs in Microsoft Teams is not supported for Microsoft 365 organizations with modern authentication and legacy protocols.

This property must be set to false.

Note: This property is available starting from Veeam Backup for Microsoft 365 version 6a (build 6.1.0.222).

id

string

Specifies the identification number of the Microsoft 365 organization.

name

string

Specifies the name of the organization in Veeam Backup for Microsoft 365.

officeName

string

Specifies the Microsoft 365 Online name.

isBackedup

boolean

Define if the organizations has backups.

firstBackuptime

string

Specifies when the first backup was created for the organization.

lastBackuptime

string

Specifies when the last backup was created for the organization.

_links

Dictionary of string [key] and Object [value]

Links to related resources (navigation property).

Response Example

Response:

200 OK

 

Response Body:

{

  "isTeamsOnline": true,

  "isTeamsChatsOnline": false,

  "exchangeOnlineSettings":    {

     "useApplicationOnlyAuth": false,

     "officeOrganizationName": "abc.onmicrosoft.com",

     "account": "administrator@abc.onmicrosoft.com",

     "grantAdminAccess": true,

     "useMfa": true,

     "applicationId": "63caebf0-2624-48d0-9ece-de1db611dc98"

  },

  "sharePointOnlineSettings":    {

     "useApplicationOnlyAuth": false,

     "officeOrganizationName": "abc.onmicrosoft.com",

     "sharePointSaveAllWebParts": false,

     "account": "administrator@abc.onmicrosoft.com",

     "grantAdminAccess": true,

     "useMfa": true,

     "applicationId": "63caebf0-2624-48d0-9ece-de1db611dc98"

  },

  "type": "Office365",

  "region": "Worldwide",

  "isExchangeOnline": true,

  "isSharePointOnline": true,

  "id": "7f9a9b85-50e7-4f61-8f76-6a9517b8677d",

  "name": "abc.onmicrosoft.com",

  "officeName": "abc.onmicrosoft.com",

  "isBackedup": false,

  "_links":    {

     "self": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d"},

     "jobs": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/jobs"},

     "groups": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/groups"},

     "users": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/users"},

     "sites": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/sites"},
     "teams": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/teams"},

     "usedRepositories": {"href": "/v6/organizations/7f9a9b85-50e7-4f61-8f76-6a9517b8677d/usedRepositories"}

  },

  "_actions": {}

}