This topic provides the OAuth2.0 implementation flow diagrams for the following grant types:

• Resource owner password credentials

• Authorization code

• Client credentials

For more information about different grant types supported by Kofax Import Connector and their respective configuration, refer to "OAuth settings" in the KC Plug-In help.

Following are important entities for the OAuth flow diagrams:

• Kofax Import Connector: This has two components:

  • KC Plug-In: You can configure all the necessary parameters, of a specific grant type, for polling Microsoft 365 mailboxes in the KC Plug-In Connection configuration.

  • Message Connector: Polls the messages from the Microsoft 365 mailboxes using the OAuth grant specified in KC Plug-In Connection configuration. The messages polled here are then forwarded to Kofax Capture for further processing.

  Microsoft Azure Active Directory: Microsoft's cloud-based identity and access management service, which verifies the request sent by Kofax Import Connector for authorizing access to the users' Microsoft 365 mailboxes and provides the OAuth 2.0 access token and refresh token.

  User's Mailbox: Message Connector uses the OAuth 2.0 access token to poll the messages from configured Microsoft 365 mailbox.