A sapio365 App session is offered to users who wish to use an application to connect to Microsoft instead of their user credentials.
For security reasons, an App session can only be seen and used by users who have been assigned the sapio365 Access App sessions role.
By default, no one can create, see or use any App session, even Microsoft 365 global admin role or a sapio365 General Manager role.
To set a sapio365 Access App sessions role, you must have a Microsoft 365 global admin role or a sapio365 General Manager role.
Creating a sapio365 App session creates a custom-named registered application in your tenant. You can add or remove permissions for this registered app in Azure Active Directory.
Why use an App session in sapio365?
An App session won’t need any MFA or to enter a password to run since it will use the application’s secret key to authenticate.
This can be useful in strict environment, where MFA has to be provided each time you launch sapio365, forbidding you to set any scheduled Jobs.
1 - Assign access to App sessions in sapio365 Access & Restrictions
Go to the ‘back’ of sapio365.
Select ‘sapio365 Access & Restrictions’.
Select ‘Access App sessions’.
Search for yourself or another user you wish to give the ability to create App sessions.
Select ‘Add to selection’, then click OK to see the user listed under the role.
2 - Create an App session
In the ‘back’ of sapio365, go to Recent Sessions.
Click on ‘Create App session’ and follow the prompts. See step-by-step instructions below.
Create a new application
After clicking on ‘Create App session’, you will see the same dialog as the one to elevate privileges.
Click on ‘Create a new application’.
Name the application. We recommend including the name of the user who will be using it.
Click ‘Proceed’ to give consent to the list of permissions the application needs (recommended), or skip to do it later.
Click on ‘Continue’.
Give consent to permissions
‘Accept’ to give admin consent to the permissions listed.
Authenticate with your Microsoft 365 credentials.
You should see a ‘Success…’ dialog.
Add the required role for the application
Click ‘Check current status’.
‘Add the Role', and you’ll see a message that the application has the role. If not, click on ‘Check current status’.
Click ‘Use now’ to switch to this new App session. If you cancel, you can connect to it from your recent sessions list.