# Create App Registration This document describes how to create an app registration for use in a machine workflow for reading messages in a mailbox. ## Create App Registration * Navigate to * Search for App Registrations

* Click on "New registration"

* Enter an application name and select an account type and click on "Register". No Redirect URI is needed in this case.

* After the new registration has been saved, navigate to "Certificates & secrets" and click on "New client secret" ![](https://3010335096-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MjcNODv1kQRDGTj76t9%2F-Mk1qY27wFwDOyb2_Sz_%2F-Mk2F0F4DgMjzuGA5gVq%2Fapp-reg-new-client-secret.png?alt=media\&token=232b3699-7461-4925-b92a-53c76df75301) * Enter a name of the client secret and set an expiration, click "Add"

* Copy the client secret value for later use in Flow Studio {% hint style="warning" %} Make sure to copy the value of the new secret, it can't be read after the leaving the page {% endhint %}

* Get the Client ID from the overview ![](https://3010335096-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MjcNODv1kQRDGTj76t9%2F-MkkFkPNjF5wNAuDVPDf%2F-MkkHRBWEdLy-1xvEnIF%2Fapp-reg-overview-client-id.png?alt=media\&token=4614aa98-3330-4dc9-a419-637086b272cd) * Both Client ID and Client Secret are needed for the REST configuration in Flow ### ### Set Permissions This document describes how to set up read and write permissions for mailboxes. {% hint style="info" %} Depending on the needs for the app registration you will add different permissions. Read more about all available permissions for Microsoft Graph at {% endhint %} * Create permissions by navigating to "API permissions" and select "Add a permission"

* Select Microsoft Graph

* Select Application permissions

* Search for "mail" and select "Mail.ReadWrite"

* Select "Grant admin consent" to approve permissions

{% hint style="warning" %} After the app registration is done and the permissions are set it is possible to read all mailboxes in the directory. Read more on how to [Limit Permissions to a Specific Mailbox](https://docs.novacura.com/extensibility-and-integration/products/active-directory/microsoft-graph/how-to-guides/limit-permissions-to-a-specific-mailbox) {% endhint %} ## Flow configuration * Navigate to the Graph REST connector in Flow Studio. * Open Global parameters and select the dots (...) in Edit parameters * Enter the values for Client ID and Client Secret from your new app registration * Click Save in the Global parameters dialog box * Save the new REST configuration

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.novacura.com/extensibility-and-integration/products/active-directory/microsoft-graph/how-to-guides/create-app-registration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.