Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Synchronizing Pega Sales Automation email with Microsoft Exchange

Updated on May 10, 2021

Integrate Pega Sales Automation email with Microsoft Exchange to create a background process that synchronizes your Microsoft Exchange email with your Pega Sales Automation email, so that you can send and reply to emails from within your application to increase productivity and reduce context switching.

Pega Sales Automation Implementation Guide Pega Sales Automation Implementation Guide Pega Sales Automation Implementation Guide Pega Sales Automation Implementation Guide Pega Sales Automation Implementation Guide Pega Sales Automation Implementation Guide
Before you begin: To create and synchronize appointments with Microsoft Exchange, you must perform authentication. You can choose either Basic authentication, or the recommended OAuth 2.0 authentication.
Basic authentication

Create one impersonation account on Microsoft Exchange with impersonation privileges for all of the users managing appointments in the Pega Sales Automation application.

With Microsoft Exchange impersonation, one account acts as another account. For an impersonated account, the system logs access as if the impersonated account is acting on the system. The calling account must have the appropriate permissions and email ID to perform the impersonation. This allows the user who has impersonation permissions to make calls using the other user's account.

The EWS_Integration_AuthProfile authentication profile maintains the impersonated account. Your Microsoft Exchange administrator must configure the Microsoft Exchange impersonation account for your Pega Sales Automation implementation and provide you with the user name and password so that you can update the security profile in the application

OAuth 2.0 authentication

Third-party providers manage OAuth authentication, so your application does not have to collect and store Microsoft Exchange credentials. Your application receives an opaque token from the authentication provider, therefore, a security breach in your application can only expose the token, not the user's Exchange credentials.

For the OAuth 2.0 authentication, you must create an application in Microsoft Azure Portal, generate the client secret number, and configure API permissions. For more information, see the Microsoft Azure documentation.

OAuth authentication for Exchange Web Services (EWS) is available only in Microsoft Exchange as part of Microsoft Office365.

Generating a keystore file with the SSL certificate

Generate a keystore file with the appropriate SSL certificate for your Microsoft Exchange integration. Pega Sales Automation uses the keystore file and SSL certificate to communicate securely with your Microsoft Exchange server.

Before you begin: Install Java before generating the keystore file.
  1. Retrieve the Exchange Web Services (EWS) endpoint URL from Microsoft Outlook.
    For example: https//mail.*****.com/ews/Exchange.asmx
    For more information on how to retrieve the EWS endpoint URL, see Microsoft documentation.
  2. Launch the endpoint URL in a Google Chrome browser window.
  3. To generate and save the SSL certificate, perform the following steps:
    1. Press F12 to open Developer Tools.
    2. Click Security.
    3. On the Security tab, click View CertificateDetails.
    4. On the Details tab, click Copy to File.
    5. Click Next and select Base-64 Encoded X.509 format.
    6. Click Browse, and then enter a file name and select a path to save the keystore file.
    7. Click Finish.
  4. On your local machine, browse for and open the JDK/bin folder.
    For example: C:\Program Files\Java\jdk1.6.0_26\bin)
  5. In the JDK/bin folder, run the Java Key tool application.
  6. Open the Command Prompt dialog and run the keytool -importcert -file "<Path for ssl certificate>" -keystore "<Path for jks file name>" - alias "<anything>" command.
    Replace Path for ssl certificate with the path to the SSL certificate that you generated. Replace Path for jks file name with the name for the jks file in the same location as the SSL certificate.
    For example: keytool -importcert -file ../../../cert.cer -keystore ../../../jkfile.jks -alias certificate
  7. Click Enter.
  8. When prompted, enter your password and then confirm the password.
  9. Click Enter.
  10. At the Trust Question prompt, enter yes.
    Result: The system generates the file in the same location as the SSL certificate.

Updating the security profile in Pega Sales Automation

Update the security profile in Pega Sales Automation with the keystore file and password that you generated previously. This provides Pega Sales Automation with the SSL certificate that facilitates communication with your Microsoft Exchange server.

  1. In the header of Dev Studio, search for and select the EWS_Integration_SecurityProfile WS-security profile.
  2. Click the Keystore tab.
  3. Next to the Keystore field, click the Open icon.
  4. Click Upload file, and then select the JKS keystore file for your server.
  5. Click Upload file
  6. Enter the keystore password and click Save.

Configuring the basic authentication

Update the authentication profile in Pega Sales Automation with the user name and password for your Microsoft Exchange impersonation account. Your Microsoft Exchange administrator can provide you with the user name and password for the impersonation account.

  1. In the navigation pane of Dev Studio, click RecordsSecurityAuthentication Profile.
  2. Search for and open the EWS_Integration_ AuthProfile authentication profile.
  3. Click Save as.
  4. In the Type field, select NTLM.
  5. Click Create and open.
  6. In the User name field, enter the user email for the impersonated user account.
  7. Click Set password, enter the user password, and then, click Submit.
  8. Click Save.

Configuring the OAuth 2.0 authentication

Update the authentication profile in Pega Sales Automation with the application ID, client secret, and access token endpoint issued by the Azure Active Directory for the application, which you create in the Microsoft Azure portal. After you create the application in the Microsoft Azure portal, in the API permissions section, select Exchange and select the full_access_as_app check box to grant Exchange full access to all inboxes. For more information, see the Microsoft Azure documentation.

  1. In the navigation pane of Dev Studio, click RecordsSecurityAuthentication Profile.
  2. Search for and open the EWSOauthAuthenticationProfile authentication profile.
  3. In the Client configuration section, enter the following:
    1. Enter the client identifier number of the application registered in the Azure portal.
    2. Enter the client secret number of the application registered in the Azure portal.
  4. In the Endpoint configuration section, in the Access Token Endpoint field, replace the directory ID with the Directory(tenant) ID of the registered application.
  5. Click Save.

Updating the App Studio settings in Pega Sales Automation

To configure your implementation for integration with Microsoft Exchange, you must enable Microsoft Exchange calendar integration and Use OAuth Authentication settings in App Studio.

  1. In the navigation pane of App Studio, click SettingsApplication Settings.
  2. Depending on the authentication method you chose in the previous task [LINK], on the Microsoft Exchange tab, in the Use OAuth Authentication section, perform either of the following actions:
    • To use basic authentication, leave the check box clear.
    • To use the OAuth 2.0 recommended authentication, select the Use OAuth Authentication check box.
  3. In the Use OAuth Authentication section, in the Exchange URL field, enter the Exchange URL.
  4. Click Save.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us