The Microsoft 365 connector gives DeskMate access to:
- Outlook Mail — read, send, draft on behalf of users
- Calendar — read, create, update, cancel events
- OneDrive — read and write files
- SharePoint — read and write files in sites
- Teams — used by the DeskMate chat bot to receive messages and post replies (including Adaptive Cards)
What your Azure admin needs to do
DeskMate uses a single multi-tenant Azure application that we host. When you connect, your Azure AD admin grants that application access to your tenant. They don’t create a new app in Azure — they just consent to ours.
You need a Microsoft 365 administrator who can grant admin consent to third-party applications. A regular user account is not enough.
Step 1 — Find your Azure tenant ID
Sign in to the Azure portal as an administrator and go to Microsoft Entra ID (formerly Azure Active Directory). On the Overview page, copy the Tenant ID value.
You’ll need this GUID in Step 2. It looks like: 4d26fc6a-533e-45a9-993a-81072b013c6b.
Step 2 — Connect from DeskMate
In your DeskMate workspace:
- Open Workspace → Connectors
- Click Connect on the Microsoft 365 tile
- When prompted, enter your Azure tenant ID (the GUID from Step 1)
- Continue — DeskMate redirects you to Microsoft to sign in and grant consent (Step 3)
Step 3 — Grant admin consent to DeskMate
After you enter your tenant ID and continue, DeskMate directs you to a Microsoft consent screen listing every permission DeskMate needs. Sign in as a Microsoft 365 admin and click Accept.
The permissions granted are:
| Permission | Why |
|---|
User.Read.All | Resolve Teams users to email/profile |
Mail.ReadWrite, Mail.Send | Read inbox, send mail |
Calendars.ReadWrite | Read and create events |
Files.ReadWrite.All | OneDrive read/write |
Sites.ReadWrite.All | SharePoint read/write |
Chat.ReadWrite | Teams chat read/write |
offline_access | Refresh tokens so the user doesn’t have to sign in daily |
Once you accept, the connector tile turns green — you’re done.
Verify it’s working
Run this command in Teams or the DeskMate web chat:
list my unread emails from the last 24 hours
You should see a list back within a few seconds. If you see “Microsoft 365 not connected” or “Insufficient privileges”, jump to Troubleshooting.
Install the Teams chat bot
The Microsoft 365 connector is required to use DeskMate in Teams, but the bot itself is installed separately. See Use DeskMate in Microsoft Teams for the manifest install.
Troubleshooting
”Insufficient privileges to complete the operation” (403 from Graph)
This usually means the action you tried isn’t covered by the permissions DeskMate was granted during consent. Re-run the admin consent step (Step 3) and make sure every permission on the consent screen was accepted. If the error persists, that specific action may be outside DeskMate’s current permission scope — email support@brightpathaisolutions.com.
Disconnecting
In Workspace → Connectors, click Disconnect on the Microsoft 365 tile. Tokens are revoked immediately; the next connection will require a fresh admin-consent flow if the Azure permissions were also removed in Azure AD.
To revoke at the Microsoft side (e.g. you’re offboarding DeskMate entirely), an admin should go to Azure portal → Enterprise applications → search for DeskMate → Delete.