The Microsoft Exchange connector is a Palantir-provided driver for Microsoft Exchange.
To create a new Microsoft Exchange source, follow the standard setup flow for Palantir-provided drivers, then use the sections below for Microsoft Exchange-specific configuration and networking. For the complete property reference, see the official Microsoft Exchange driver documentation ↗.
The properties below are mandatory or recommended.
| Property | Required? | Description | Default |
|---|---|---|---|
DefaultGroups ↗ | Mandatory | Determines the default group context when accessing group-scoped resources in Microsoft Exchange. | AllGroups |
DefaultUser ↗ | Mandatory | Determines the default user context when accessing user-scoped resources in Microsoft Exchange. | CurrentUser |
Server ↗ | Mandatory | Specifies the URL of the Microsoft Exchange server to connect to. | https://outlook.office365.com/EWS/Exchange.asmx |
AuthScheme ↗ | Recommended | Specifies the authentication scheme used to connect to the Microsoft Exchange server. | AzureServicePrincipal |
AzureTenant ↗ | Recommended | Identifies the Microsoft Exchange tenant being used to access data. Accepts either the tenant's domain name (for example, contoso.onmicrosoft.com ) or its directory (tenant) ID. | — |
GroupId ↗ | Recommended | Specifies the Id of a Microsoft Exchange group whose data you want to access. | — |
InitiateOAuth ↗ | Recommended | Specifies the process for obtaining or refreshing the OAuth access token, which maintains user access while an authenticated, authorized user is working. | GETANDREFRESH |
OAuthClientId ↗ | Recommended | Specifies the client ID (also known as the consumer key) assigned to your custom OAuth application. This ID is required to identify the application to the OAuth authorization server during authentication. | — |
OAuthClientSecret ↗ | Recommended | Specifies the client secret assigned to your custom OAuth application. This confidential value is used to authenticate the application to the OAuth authorization server. (Custom OAuth applications only.) | — |
Platform ↗ | Recommended | Specifies the Microsoft Exchange platform to target when establishing a connection. | Exchange_Online |
Schema ↗ | Recommended | Specifies the schema to use when connecting to the Microsoft Exchange platform. | EWS |
UserId ↗ | Recommended | Specifies the Id of a Microsoft Exchange user whose data you want to access. | — |
The table below lists the domains that the source needs to be able to access in order to successfully run.
For each domain, add a corresponding egress policy. If the source is hosted on-premises and not directly reachable from Foundry, use an agent proxy egress policy instead; the agent host itself must also be able to reach the listed domains. See using an agent as a proxy for details.
| Domain | Required |
|---|---|
| <Server> | Always. For Exchange Online, use Server=' https://outlook.office365.com/EWS/Exchange.asmx' |
| outlook.office365.com | If Platform=Exchange_Online AND Schema=EWS |
| graph.microsoft.com | If Platform=Exchange_Online AND Schema=MSGraph |
| login.microsoftonline.com | If Platform=Exchange_Online (default) AND AuthScheme=AzureAD, AzureServicePrincipal, or AzureServicePrincipalCert |
| <KerberosKDC>:88 | If AuthScheme=Negotiate |
| <KerberosServiceKDC>:88 | If AuthScheme=Negotiate AND Kerberos topology uses multiple realms |