OneConnect supports multiple authentication options to connect to Microsoft Planner.
Please review the options available and choose the best option for your company, before you start the setup of the integration.
There must be an Entra Application available in order to connect to Microsoft Planner. You can create your own or use the default one.
Using OnePlan Logged in User's Account + Default OnePlan App
When the Microsoft Planner integration is used from the OnePlan application, it is possible to use the logged in user's Entra ID account. In this option the default Entra Application is used.
The default App ID: 1d5c336b-c056-4d77-87c2-cdd4428b1a68
Pros of using this option:
- Quick to set up.
- Additional service account is not required.
Cons of using this option:
- OnePlan Forms user accounts are not supported.
- Users must have permission to manage Office 365 groups (create and add users).
To use this option, the Authorize button must be used during the setup.
Using Service Account + Default OnePlan App
You can use an Entra ID account to connect to Planner. In this scenario, all communication with Planner is done via a central account. We call this user account a "Service Account". In this option the default Entra Application is used.
This user account cannot not have Multi-Factor Authentication (MFA) associated with it.
The default App ID: 1d5c336b-c056-4d77-87c2-cdd4428b1a68
Pros of using this option:
- Individual users do not need Office 365 group management rights.
Cons using this option:
- The account cannot have Multi-Factor Authentication (MFA).
- A username and password must be configured in OneConnect.
- More involved process to set up (requires a Microsoft tenant administrator to approve permissions).
To use this option, the Authorize button must be used, the Use integration credentials to connect to Planner options must be checked, the username and password must be filled out.
Using Service Account + Custom App
You can use an Entra ID account to connect to Planner. In this scenario, all communication with Planner is done via a central account. We call this user account a "Service Account". This user account cannot not have Multi-Factor Authentication (MFA) associated with it.
You can also create your own Entra Application to connect to Planner.
Pros of using this option:
- You are in control of the Entra Application that is used to access Planner.
- Individual users do not need Office 365 group management rights.
Cons using this option:
- You need to maintain the client secret for your Entra Application. (update it when expires)
- The account cannot have Multi-Factor Authentication (MFA).
- A username and password must be configured in OneConnect.
- More involved process to set up (requires a manual creation of an app)
To use this option, an Entra Application must be created, the Use integration credentials to connect to Planner options must be checked, the username, password, client ID and client secret fields all must be filled out.
Creating your own Entra Application
If you use your own Entra Application, you will need the following permissions:
Microsoft Graph:
- User.Read
- User.ReadBasic.All
- Group.ReadWrite.All
Related to