/
How to Create an Application ID and Application Secret for Barracuda Message Archiver for Entra ID

How to Create an Application ID and Application Secret for Barracuda Message Archiver for Entra ID

This article refers to Barracuda Message Archiver firmware release version 5.5.3 or higher, and Microsoft Entra ID. For more information on how to update to the latest firmware, see Updating Your Firmware and Definitions.

When setting up Entra ID in the Barracuda Message Archiver, you will need an application ID and application secret from Microsoft 365.

Register an Application

  1. Log in to Microsoft Entra as a global admin Microsoft Entra admin center.

  2. In the left-hand menu, select App registrations.

  3. Select New registration.

    entraIDregister.png

  4. Enter a name for the app. For example, “ArchiverApp”.

  5. Under Supported Account Types, select Accounts in this organizational directory only.

  6. Click Register.

    entraIDnewApp.png

Grant Permissions

Your application ID is now available in the app overview. You must now grant the required permissions.

  1. On the Overview page, click View API permissions under Call APIs at the bottom.

    entraIDviewAPI.png

  2. Microsoft Graph is listed by default. It is recommended to remove all permissions and add the necessary permissions. Click the 3 dots to the right and select Remove permission.

    entraIDremovePermissions.png

  3. Under Configured permissions, select Add a permission.

    entraIDAddPermissions.png

  4. Click Microsoft Graph > Application permissions, type “dir” in the search bar. Under Directory, check the Directory.Read.All box.

    entraIDMSGraph.png

  5. Click Add permissions at the bottom to save.

  6. Under Configured permissions, click Add a permission again.

  7. Select APIs my organization uses, then type “office” in the search bar to find & select Office 365 Exchange Online.

    entraIDOffice365API.png

  8. Under Office 356 Exchange Online, select Application permissions. Under Other Permissions, check the full_access_as_app box.

    entraIDOffice365Permissions.png

  9. Click Add permissions at the bottom to save.

  10. Under Configured permissions, select Grant admin consent for.

    entraIDGrant.png

  11. In the left-hand menu, select Authentication. Under Redirect URIs, click Add URI and enter your Barracuda Message Archiver's IP address.

    addIP.png

Generate Application Secret

After granting the necessary permissions, you can now generate the application secret.

  1. In the left-hand menu, select Certificates & secrets. Select New client secret.

  2. Add a description and an expiration date. Barracuda Networks recommends using 730 days (24 months).

  3. Click Add at the bottom.

    entraIDClientSecret.png

  4. Once your client secret is created, copy down the Value as it will not be displayed again.

Note that once you leave the page, the value will no longer be visible. If it is not copied at that time, the value must be deleted and recreated.

entraIDValue.png

  1. On the left-hand menu, select Overview and copy down the Application (client) ID.

    entraIDAppID.png

The Value and Application (client) ID you copied down can now be used to authorize the Barracuda Message Archiver permissions to connect to Microsoft Entra ID.

We value your feedback.
If you have questions, suggestions, or feedback on our documentation, contact the Campus Product Documentation team.
For general product inquiries or technical support, please contact the global Barracuda Support team.