<# .SYNOPSIS Adds the iEmail Cloud enterprise application to your Microsoft tenant. .DESCRIPTION This script is required for iEmail Cloud to read attachment data. The script must be run with a user that has sufficient permission to add an enterprise application to the tenant. .NOTES Author: Computer System Innovations, Inc. Date: 2025-04-08 Version: 1.0 Dependencies: - Microsoft.Graph module - PowerShell 7+ recommended #> Clear-Host Write-Host "" Write-Host "iEmail Cloud - Entra Application Installer [v1.0]" Write-Host "" [Console]::OutputEncoding = [System.Text.Encoding]::UTF8 if (!(New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { Write-Host "Error: This script must be run as Administrator." -ForegroundColor Red return } Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Force Write-Host "Pulling and importing the latest Microsoft.Graph module, please wait..." Install-Module Microsoft.Graph.Applications -Scope CurrentUser -AllowClobber -Force -WarningAction SilentlyContinue | Out-Null Install-Module Microsoft.Graph.Authentication -Scope CurrentUser -AllowClobber -Force -WarningAction SilentlyContinue | Out-Null Import-Module Microsoft.Graph.Applications -WarningAction SilentlyContinue | Out-Null Import-Module Microsoft.Graph.Authentication -WarningAction SilentlyContinue | Out-Null Write-Host "Authenticating... (Opens in a browser window)" Connect-MgGraph -Scopes Application.ReadWrite.All -NoWelcome -ContextScope Proces | Out-Null $tenant = Get-MgContext Write-Host "Connected to tenant: $($tenant.Account) with tenant ID: $($tenant.TenantId))" -ForegroundColor Green Write-Host "" Write-Host "Adding iEmail Cloud app registration..." $appRegistration = New-MgApplication ` -DisplayName "iEmail Cloud" -Description "iEmail Cloud by Computer System Innovations, Inc." ` -RequiredResourceAccess @( @{ ResourceAppId = "00000003-0000-0000-c000-000000000000"; # Microsoft Graph ResourceAccess = @( @{ Id = "570282fd-fa5c-430d-a7fd-fc8dc98a9dca"; # Mailbox.Read delegated permission Type = "Scope" } ) } )` -Info @{ PrivacyStatementUrl = "https://csi.ms/privacy"; TermsOfServiceUrl = "https://csi.ms/terms"; SupportUrl = "https://csi.ms/support" }` -Web @{ ImplicitGrantSettings = @{ EnableAccessTokenIssuance = $true; EnableIdTokenIssuance = $true; }; RedirectUris = @('https://iemail.cloud.csiinc.com', 'https://iemail-staging.cloud.csiinc.com', 'https://iemail-ap.cloud.csiinc.com', 'https://iemail-ca.cloud.csiinc.com')} ` -Spa @{ RedirectUris = @('brk-multihub://iemail.cloud.csiinc.com', 'brk-multihub://iemail-staging.cloud.csiinc.com', 'brk-multihub://iemail-ap.cloud.csiinc.com', 'brk-multihub://iemail-ca.cloud.csiinc.com')} Disconnect-MgGraph | Out-Null if (!$appRegistration.Id) { Write-Host "ERROR: Did not receive an Application (Client) ID from Entra." return } Write-Host "Completed!" Write-Host "" Write-Host @" ╔══════════════════════════════════════════════════════════╗ ║ Application ID: $($appRegistration.AppId) ║ ╚══════════════════════════════════════════════════════════╝ "@ -ForegroundColor Green Write-Host "" Write-Host "Next step: Copy and paste this application ID into the settings area of iEmail Cloud." Write-Host "" Write-Host "For more information and troubleshooting, please go to: https://csi.ms/iemailcloudattach" Write-Host "" Read-Host 'Press Enter to exit'