Pega Sales Automation™ to Microsoft Exchange integration is a background process that synchronizes both your Pega Sales Automation calendar and email with your Microsoft Exchange calendar and email. With this integration, you can create, update, and cancel appointments in the Pega Sales Automation application and synchronize them in real-time with your Microsoft Exchange server.

Prerequisites

To integrate Pega Sales Automation with Microsoft Exchange, you must perform authentication. You can choose from the following authentication options:

• Basic authentication
• OAuth 2.0 authentication (recommended)

Basic authentication

For basic authentication, you must create one impersonation account on Microsoft Exchange with impersonation privileges for all of the users who will manage appointments in the application.

With Microsoft Exchange impersonation, one account acts as another account. For an impersonated account, the system logs the access as if the impersonated account is acting on the system. The calling account must have the appropriate permissions and email ID to perform the impersonation. This allows the user who has impersonation permissions to make calls against the other user's account. The  EWS_Integration_AuthProfile authentication profile maintains the impersonated account.

Your Microsoft Exchange administrator must configure the Microsoft Exchange impersonation account for your Pega Sales Automation implementation and provide you with the user name and password so that you can update the security profile in the application.

OAuth 2.0 authentication

OAuth authentication is managed by a third-party provider. Your application does not have to collect and store Microsoft Exchange credentials. Your application receives an opaque token from the authentication provider, therefore, a security breach in your application can only expose the token, not the user's Exchange credentials.

For the OAuth 2.0 authentication, you must create an application in Microsoft Azure Portal, generate the client secret number, and configure API permissions. For more information, see Microsoft Azure documentation.

Configuration

To integrate Pega Sales Automation with Microsoft Exchange, complete the following steps:

• Generating a keystore file with SSL certificate
• Updating the security profile in Pega Sales Automation
• Updating the authentication profile in Pega Sales Automation
• Updating the App Studio settings in Pega Sales Automation

Generating a keystore file with SSL certificate

You must generate a keystore file with the appropriate SSL certificate for your Microsoft Exchange integration. Pega Sales Automation uses the keystore file and SSL certificate to communicate securely with your Microsoft Exchange server.

1. Retrieve the Exchange Web Services (EWS) endpoint URL from Microsoft Outlook. For information on how to retrieve the EWS endpoint URL, see Microsoft documentation.

The EWS endpoint URL should look like the following example URL:

https//mail.*****.com/ews/Exchange.asmx

2. Launch the EWS endpoint URL in a Google Chrome browser window.
3. Complete the following steps to generate and save the SSL certificate file:
   1. Press F12 to open Developer Tools.
   2. Click the Security tab.
   3. Click View Certificate and click the Details tab.
   4. Click Copy to File.
   5. Click Next and choose the format with Base-64 Encoded X.509.
   6. Click Browse and select the file name and path where you want to generate the keystore file.
   7. Click Finish.
4. In the Program Files directory on your machine, open the JDK/bin folder. (Sample path: C:\Program Files\Java\jdk1.6.0_26\bin)
5. Run the Java Keytool application in the JDK/bin folder.
6. Open the Command Prompt dialog and run the following command:

keytool -importcert -file "<Path for ssl certificate>" -keystore "<Path for jks file name>" - alias "<anything>"

• For the "<Path for ssl certificate>", enter the path where you generated the SSL certificate.
• For the "<Path for jks file name>", enter the name for the jks file with path similar to the path for the SSL certificate.

The command should look like the following example command:

keytool -importcert -file ../../../cert.cer -keystore ../../../jkfile.jks -alias certificate

7. Press Enter.
8. At the prompt, enter a password and confirm the password.
9. Press Enter.
10. At the Trust Question prompt, enter yes. The keystore file is generated in the same path where your SSL certificate exists.

Updating the security profile in Pega Sales Automation

You must update the security profile in Pega Sales Automation with the keystore file and password that you generated previously. This provides Pega Sales Automation with the SSL certificate that is required to communicate with your Microsoft Exchange server.

1. In the Dev Studio header search text field, search for and select the WS-security profile named EWS_Integration_SecurityProfile.
2. Click the Keystore tab.
3. Next to the Keystore field, click the Open icon.
4. Click Upload file.
5. Click Choose File to search for and select the JKS keystore file for your server.
6. Click Upload file.
7. Enter the Keystore password and click Save.

Updating the authentication profile in Pega Sales Automation

Basic authentication configuration steps

You must update the authentication profile in Pega Sales Automation with the user name and password for your Microsoft Exchange impersonation account. Your Microsoft Exchange administrator can provide you with the user name and password for the impersonation account.

1. In the navigation pane of Dev Studio, click Records > Security > Authentication Profile.
2. Search for and open the EWS_Integration_ AuthProfile authentication profile.
3. Click Save as.
4. In the Type field, select NTLM.
5. Click Create and Open.
6. Enter the User name that Microsoft Exchange requires.

   This is the user email for the impersonated user account.

7. Click Set password.
8. Enter the password for the user, and then click Submit.
9. Click Save.

OAuth 2.0 authentication configuration steps

You must update the authentication profile in Pega Sales Automation with the application ID, client secret, and access token endpoint issued by the azure active directory for the application created in the Microsoft Azure Portal. After creating the application in the Microsoft Azure Portal, in the API permissions section, select Exchange and select the full_access_as_app check box to grant Exchange full access to all inboxes. For more information, see the Microsoft Azure documentation.

1. In the navigation pane of Dev Studio, click Records > Security > Authentication Profile.
2. Search for and open the EWSOauthAuthenticationProfile authentication profile.
3. In the Client configuration section, enter the following data:
   1. Enter the client identifier number of the application registered in Azure Portal.
   2. Enter the client secret number of the application registered in Azure Portal.
4. In the Endpoint configuration section, in the access token endpoint field, replace the directory ID with the Directory(tenant) ID of the registered application.
5. Click Save.

Updating the App Studio settings in Pega Sales Automation

To configure your implementation for Microsoft Exchange integration, you must enable the Microsoft Exchange calendar integration and Use OAuth Authentication App Studio settings.

1. In the navigation pane of App Studio, click Settings > Application Settings.
   1. On the Microsoft Exchange tab, in the Microsoft Exchange calendar integration section, select the Microsoft Exchange calendar integration check box.
   2. Depending on the authentication method you chose in previous steps, in the Use OAuth Authentication section, select or leave cleared the Use OAuth Authentication check box.
   3. In the Exchange URL field, enter the exchange URL.
2. Click Save.