Add a Microsoft 365 message source


In order for the Sublime Platform to access mail from your tenant programmatically, you must create a new Azure app and authorize it for access. This is required so that only you have access to your mail, and not anyone else, including the Sublime team.


Tenant admin

You must be a tenant admin to authorize this app for all users on your domain.

After completing the steps below, you'll copy over the following to add the message source in Sublime:

  • Application (client) ID
  • Directory (tenant) ID
  • Client secret


  1. Login to
  2. Search for App registrations
  1. Click + New registration
  1. Enter "Sublime Platform" for the app name. Leave the other defaults (Single-tenant, no Redirect URI). Click "Register".
  1. Copy the application (client) ID and the Directory (tenant) ID over to the Sublime Platform setup
  1. Click View API permissions and then + Add a permission
  • Select Microsoft Graph
  • Select Application permissions
  • Choose Mail.ReadWrite, User.Read.All, Group.Read.All, and Domain.Read.All
  • Click Add permissions
  1. Then, Grant admin consent for your domain. Note that if this button is greyed out for you, you may need to have a Domain Admin grant the consent.

You should see green checkmarks like this:

  1. Navigate to Certificates & secrets in the sidebar
  1. Create a new Client secret. Enter "Sublime Platform" for the description and choose "24 months".
  1. Copy the client secret "Value" over to the Sublime Platform setup.

:tada: That's it!