The Office 365 connector for Groups migration requires some additional credentials to work correctly: AppID & AppSecret. This article will show you how to generate them for your migration.

The generation of AppID and AppSecret is done in two step:

  1. Register your application
  2. Allow your application

Register your application

Our product will use the Microsoft Authentication Library (MSAL) to connect with the Microsoft Graph. Permissions against the Microsoft Graph are given through an application. You have to register your application on the following web site:

On the “Register your application” page, type name for your application and then click on “Create”

On the next page:

  • Save the “Application Id” (AppID) on a block-note
  • Click on “Generate New Password” button under “Application Secrets” (AppSecret), and save the value along with the AppID
  • Click on “Add Platform” button and select “Native Application”

Scroll down to “Microsoft Graph Permissions”:

  • Remove any “Delegated permissions”
  • Click on “Add” button in “Application Permissions” and select the permission:
    • “Group.ReadWrite.All”

Leave the “Profile” section empty.

Under “Advanced Options”, uncheck “Live SDK support”.


Click on “Save”

Allow your application

The permission “Group.ReadWrite.All” requires the consent of your tenant admin. To validate your application, you have to build your consent Url, based on the following template:[TenantName]/adminconsent?client_id=[AppID]&state=[Something]

In this example, the built Url will be (out tenant name is

Use this Url to logon in to your Office 365 tenant and validate your application: