WieldDocumentation
Deutsch Back to wield.ch →

Set up Microsoft 365

Wield connects to your Microsoft 365 tenant to import CVs directly from SharePoint or OneDrive.

Prerequisites

  • Microsoft 365 tenant with Global Admin or Application Admin role.
  • Access to the Azure Portal.

1. Create the app registration

  1. Azure Portal → Microsoft Entra IDApp registrationsNew registration.
  2. Name: Wield Recruitment.
  3. Supported account types: Accounts in this organizational directory only (Single tenant).
  4. Redirect URI: Web with value https://app.wield.ch/api/adapters/m365/oauth/callback.
  5. Register.

Take note of the Application (client) ID and Directory (tenant) ID.

2. Configure API permissions

Under API permissionsAdd a permissionMicrosoft GraphDelegated permissions:

Permission Purpose
Files.Read.All Read SharePoint/OneDrive files
Sites.Read.All List sites
User.Read User identity
offline_access Refresh-token rotation

Then Grant admin consent for [Tenant].

3. Generate a client secret

  1. Certificates & secretsNew client secret.
  2. Description: Wield production, expiry: 24 months.
  3. Copy the Value (not the secret ID) — shown only once.

4. Connect inside Wield

  1. Settings → Adapters → Microsoft 365 → Connect.
  2. Paste tenant ID, client ID, client secret.
  3. Click Authorize — you'll be redirected to Microsoft and returned with an active connection.

Security & storage

  • Refresh tokens are stored encrypted in the database (AES-256-GCM, per-tenant key).
  • Client secrets never leave your tenant record.
  • On invalid_grant, the adapter card triggers re-consent automatically.

Common errors

  • AADSTS50011: reply URL mismatch — verify the redirect URI exactly, including scheme and path.
  • Insufficient privileges — admin consent not granted; repeat step 2.
  • invalid_client — wrong or expired secret; regenerate in Azure.