Complete Setup Guide: Connecting Omikai to Microsoft Graph Email
This guide walks you through generating the necessary API credentials in Microsoft Azure and connecting them to your Omikai environment so the system can send emails autonomously.
Phase 1: Generating Credentials in Microsoft Azure
To allow Omikai to send emails, you first need to register it as an authorized application within your Microsoft environment. You will need an IT Administrator with access to the Microsoft Entra admin center.
Step 1: Register the Omikai Application
- Log in to the Microsoft Entra admin center.
In the left navigation menu, expand Identity (Entra Id) > Applications and select App registrations.
Click New registration.
Name: Enter a descriptive name (e.g.,
Omikai-ERP-Email).Supported account types: Select Accounts in this organizational directory only (Single tenant).
Redirect URI: Leave this completely blank.
Click Register.
Step 2: Grant Email Permissions
In your newly created App Registration, go to the left menu and select API permissions.
Click Add a permission and select Microsoft Graph.
Select Application permissions (This allows Omikai to send emails in the background without a human logging in every time).
In the search bar, type
Mail.Send.Check the box next to Mail.Send and click Add permissions.
Step 3: Grant Admin Consent
On the API permissions page, look for the yellow warning status next to
Mail.Send.Click the Grant admin consent for [Your Organization] button above the permissions list.
Click Yes to confirm. The status will update to a green checkmark.
Step 4: Generate the Client Secret (The Password)
In the left menu of your App Registration, select Certificates & secrets.
Under the Client secrets tab, click New client secret.
Add a description (e.g.,
Omikai-API-Key) and choose an expiration window (e.g., 12 months). Click Add.⚠️ CRITICAL: Immediately copy the text in the Value column. This will disappear once you leave the page.
Step 5: Gather Your Three Connection Keys
Go to the Overview page of your App Registration. Copy the following three items to paste into Omikai:
Tenant ID (Directory ID)
Client ID (Application ID)
Client Secret (The value you copied in Step 4)
Phase 2: Inserting Credentials into Omikai
Now that Microsoft has provided the keys, you will activate the connection inside the Omikai settings.
Step 1: System-Wide Configuration (Main Email)
This establishes the primary connection and sets up your main company sending address (e.g., info@omikai.com).
Log in to Omikai and navigate to Settings > Account in the left-hand menu.
Go to the Profile tab and open up the profile settings.
Locate the E-mail provider setting and select Microsoft Graph from the dropdown menu.
Scroll down and expand the Microsoft Graph settings section.
Paste the three keys you gathered from Azure:
Tenant ID
Client ID
Client secret
Sender e-mail: Enter the primary email address you want the system to send from (e.g.,
info@omikai.com).
Step 2: Individual User Configuration (Optional)
If you want individual staff members to be able to send emails through Omikai using their own personal company addresses, follow these steps for each user:
Navigate to Settings > User.
Select the specific user's profile.
Set their E-mail provider to Microsoft Graph.
Expand the Microsoft Graph settings for that user.
Enter their personal company email into the Sender e-mail field.
🛡️ A Brief Note on Security
Because this setup uses "Application Permissions," Microsoft grants Omikai the technical ability to send mail as any user in your organization by default.
If you do nothing else: Phase 1 and Phase 2 will work perfectly out of the box for any email address you type into Omikai.
Best Practice: If your IT team wants to strictly limit Omikai so it can only send from
info@omikai.com(or a specific group of users), they will need to apply an "Application Access Policy" in the background using Exchange Admin tools.
Related Articles
Email/SMTP Configuration
Goal Set up email sending through Microsoft 365 using SMTP. Optionally, add an SPF record if needed. This lets users send emails from the system with their own Microsoft 365 mailboxes. Procedure Step 1: Enable SMTP Authentication in Microsoft 365 In ...Company - Setup
Goal This article explains how to create a new company record, save the basic information, and complete additional details using the sections and tabs on the page. You will also learn how favorites, descriptions, private comments, report links, and ...Q: We understand the system is hosted on Microsoft Azure and Amazon S3, with encrypted SSL communication and daily redundant backups. Could you confirm if this setup is still current and whether any changes are planned?
A: The system is now primarily hosted on Microsoft Azure. Azure Storage is used as the main backup and file repository. SSL/TLS (minimum TLS 1.2) is enforced for all communications. Daily redundant backups remain in place, and no major infrastructure ...Differences between Omikai 1 and Omikai 2
Goal This article should explain what information is migrated from the old version (v1) to the new version (v2) of the system, so you can plan and verify your upgrade with confidence. The provided transcript does not include the detailed list of ...What is migrated from Omikai 1 to Omikai 2
Goal This article explains what data is migrated when moving from Version 1 to Version 2 of the system. It also shows how to review the results and handle items that are not migrated. Procedure Step 1 — Review what is migrated The lists below show ...