Fortinet black logo

Administration Guide

Configuring Microsoft 365 accounts

Configuring Microsoft 365 accounts

Before you can scan email in Microsoft 365 mailboxes, you must connect to Microsoft 365.

Adding your Microsoft 365 account in FortiMail requires that you provide your Tenant ID, Application ID, and Application Secret.

When acquiring the Tenant ID and Application ID from MS365, you must also grant consent permissions for the admin.

Add the following permissions for the admin in MS365:

  • User.Read.All
  • Mail.ReadWrite
  • Mail.Send

Note that User.Read is added by default.

To create an Microsoft 365 account
  1. Log on to FortiMail and go to View > Microsoft 365 View.
  2. Go to .
  3. Click New.
  4. Enter the Tenant ID, Application ID, Application Secret, and Description to log on to Microsoft 365.
  5. You receive log on credentials when you create the custom application on Microsoft Azure. For details, see the Azure documentation.

  6. Select a regional Service Endpoint appropriate to your geographical location, then click Create.

  7. If successful, the account will appear in the account list and FortiMail is connected to Microsoft 365.
  8. Click the View User List button to view the following email user information under the selected Microsoft 365 account.
    • Status: Displays whether the user is subscribed or not.

      Email: User names of the email users on the Microsoft 365 account.

    • Expiry Date: Subscription expiry date and time to notifications of the user's real-time email.

    • Status: Subscription information to notifications of the user's real-time email, either subscribed or other non-subscribed reasons.

Configuring Microsoft 365 accounts

Before you can scan email in Microsoft 365 mailboxes, you must connect to Microsoft 365.

Adding your Microsoft 365 account in FortiMail requires that you provide your Tenant ID, Application ID, and Application Secret.

When acquiring the Tenant ID and Application ID from MS365, you must also grant consent permissions for the admin.

Add the following permissions for the admin in MS365:

  • User.Read.All
  • Mail.ReadWrite
  • Mail.Send

Note that User.Read is added by default.

To create an Microsoft 365 account
  1. Log on to FortiMail and go to View > Microsoft 365 View.
  2. Go to .
  3. Click New.
  4. Enter the Tenant ID, Application ID, Application Secret, and Description to log on to Microsoft 365.
  5. You receive log on credentials when you create the custom application on Microsoft Azure. For details, see the Azure documentation.

  6. Select a regional Service Endpoint appropriate to your geographical location, then click Create.

  7. If successful, the account will appear in the account list and FortiMail is connected to Microsoft 365.
  8. Click the View User List button to view the following email user information under the selected Microsoft 365 account.
    • Status: Displays whether the user is subscribed or not.

      Email: User names of the email users on the Microsoft 365 account.

    • Expiry Date: Subscription expiry date and time to notifications of the user's real-time email.

    • Status: Subscription information to notifications of the user's real-time email, either subscribed or other non-subscribed reasons.