Views: 7725
Last Modified: 09.01.2023


Note: Starting from April 2020 Office365 Cloud application for working online with Word, Excel, PowerPoint and etc. is called Microsoft 365. This chapter uses both names equally.

Important: To configure integration between your Bitrix24 account with Office365 service, you need to register or have an Office365 account ( with subscription Office365 for Business. Private LiveID account with Office265 subscription for Home are not suitable! Please, request your Bitrix24 admin for assistance to create a working Office365 account.

Getting Client ID and Key

For Office 365, indicate Client ID and Key parameters in the Social Website Integration module settings (Settings > System Settings > Module Settings > Social Website Integration).

The following actions are required:

  1. Inside Azure Active Directory go to the All services section (you will need a Microsoft account -, standard LiveID login is not suitable), to the section App registration and click New registration:

  2. When registering an application - indicate the specified name and supported types of accounts.

    Important! Registered application must have Multitenant Multitenancy is a software architecture in which a single application serves multiple client tenants. organizational directory. Learn more...

    Specify the address, indicated in the Social Website Integration module settings in the field Redirect URIs .
  3. Select the section API permissions in the app settings and select the permissions required for your app:

  4. For example, for profile entry, you'll need the permission profile and for offline access - offline-access.

    For correct integration with Bitrix24.Drive and Bitrix24.Docs, the app will need the following permissions:

    • in Microsoft Graph - Files.ReadWrite.All
    • in SharePoint - user files read and write .

  5. Next, select Certificates & secrets in the app settings, select the button +New client secret, complete Description, set expiration deadline and click Add .

    After the key is added, its displayed in the Value column .

    Key value is entered in the Key field in the section Social services - Office365 ( Settings > System Settings > Module Settings > Social Website Integration)

    Important! Created key value is displayed only once, if you didn't copy the key value and switch to another section, you'll have to create the key again.

  6. Client ID field value for the app can be taken in the Overview section:

  7. Tenant field - is optional, sets a limit for restricted document editing - for users that are members of account's company. Also, tenant owner can assign such restriction inside Office365 as well.

    Office365 account, usually has a typical format, where: user - user name, and company - company name in Office365 business account.

    As a result, Tenant in out case will be

   Multifactorial authentication

Azure (MFA) Multifactorial authentication allows protecting access to data and applications. In Azure Active Directory such feature is available for protecting global administrators accounts. In Microsoft 365 Business it allows to fully use MFA with application of conditional access, to request multifactorial authenticity verification.

Azure (Azure MFA) deployment for application is described in detail in Microsoft documentation.

  Working with documents

To work with documents using Office365 you will need the following:

  • Have an existing account or create a new Office365 account Starting from April 2020 Office365 Cloud application for working online with Word, Excel, PowerPoint and etc. is called Microsoft 365. This chapter uses both names equally. ( with a Office365 for Business subscription.
  • Enabled Office365 settings in the Social Website Integration module.
  • Activate the option Enable document editing using external services (Google Docs, MS Office Online etc.) for the Drive module Settings > System Settings > Module settings > Drive).

  Integration with email

Before the end of 2022, Microsoft will disable Basic Authentication for improved security purposes. Due to this, a now deprecated authentication procedure (using IMAP-login and password) from Bitrix24 and emails provided by online services Office365 and Exchange Online won't be available.

Now, to connect Office365 and Exchange Online email you have to preconfigure the integration with Office365 supporting OAuth 2.0, as described above.

We advise to employ the new authentication system as soon as possible.

These recommendations are applicable only to the online services Microsoft Office365 and Exchange Online. If your company already employs your own Microsoft Exchange corporate server, then you can continue to use the IMAP provider. You can contact your company's system administrator for specific connection details.


Courses developed by Bitrix24