Provisioning an Exchange Online Service Account

Cloud App Security supports using OAuth 2.0 to provision service accounts (Authorized Accounts) for Exchange Online. With the OAuth 2.0 framework, Cloud App Security obtains an access token to get limited access on the Global Administrator's behalf to run advanced threat protection and data loss prevention scanning on email messages in protected mailboxes.

Cloud App Security supports two protection modes for Exchange Online. For details, see Protection Modes for Email Services. Each mode requires separate service account provisioning.

Protection Mode


API-based Protection

See provision an Exchange Online Authorized Account.

Inline Protection

See Provisioning an Exchange Online (Inline Mode) Authorized Account.

You can choose to provision for both or either of the protection types for your Exchange Online service based on your requirements.