Integration · Email

Send every email from your own Microsoft 365 tenant

Name: TempClock
Price: 150.00 GBP
Author: TempClock

Connect an Azure app registration once, and TempClock sends alerts, agreement requests and reports through Microsoft Graph — from your domain, with your deliverability.

Talk to us See how it works

app.tempclock.com/settings/email

Settings · Email provider Microsoft 365 active

Microsoft 365 (Graph)

SMTP

Tenant ID

aa11bb22-cc33-dd44-ee55-ff6677889900

Client ID

9f3c1d20-7b84-4e1a-9c2f-1a2b3c4d5e6f

Client secret

••••••••••••••••••••••••

Send from

noreply@yourcompany.co.uk

Mail.Send · authenticated Send test

Paste three Azure values, nominate a mailbox, send a test — done.

01—What connects

One Azure app registration, all of TempClock’s mail

TempClock authenticates to Microsoft Graph with the client-credentials flow — no interactive sign-in, no mailbox password stored. Every message it would normally send goes out through your tenant instead.

Graph API, not SMTP

Mail is posted to the Microsoft Graph sendMail endpoint over HTTPS. There is no SMTP password to rotate and no relay to keep open.

Least-privilege permission

The Azure app needs only the Mail.Send application permission. That is enough to send and nothing more — TempClock cannot read mailboxes.

Sent from your domain

Messages come from a mailbox you nominate on your own domain, so they inherit your SPF, DKIM and DMARC — and your inbox reputation.

Covers every system email

Late and no-show alerts, low-match warnings, agreement requests and reminders, report deliveries and password flows all route through the same connection.

The send path

In TempClock An alert or agreement is ready to send

Microsoft Graph Token issued for Mail.Send

Your tenant Sent from your nominated mailbox

Outbound mail only — TempClock never reads from your tenant.

02—Under the hood

A standard Graph sendMail call

Nothing bespoke — TempClock gets a token, then posts the message to your tenant.

# 1 — get a token (client-credentials grant)
POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
  scope=https://graph.microsoft.com/.default

# 2 — send the message from your mailbox
POST https://graph.microsoft.com/v1.0/users/noreply@yourcompany.co.uk/sendMail
  -H "Authorization: Bearer •••"
{
  "message": {
    "subject": "TempClock Alert: Late start at Riverside DC",
    "body": { "contentType": "HTML", "content": "…" },
    "toRecipients": [{ "emailAddress": { "address": "ops@yourcompany.co.uk" } }]
  }
}
# → 202 Accepted

Token cached until expiry · 202 Accepted = queued by Microsoft

02—The benefit

Better deliverability, less to manage

Mail that comes from your own domain reaches the inbox, and your IT team keeps control without handing out a password.

Lands in the inbox

Because alerts send from your tenant with your SPF and DKIM, they are far less likely to be filtered as spam than mail from a third-party address.

No shared password

Client-credentials auth means there is no mailbox password in TempClock. Revoke the Azure secret and the connection stops — cleanly.

Set up in minutes

Register one Azure app, grant Mail.Send, paste three values and send a test. Most teams are live well inside a coffee break.

03—Honest scope

What the Microsoft 365 connection covers

This connection is about sending email from your tenant. It is deliberately narrow, and we will not pretend otherwise.

Included today

Outbound email via the Graph /sendMail endpoint

Client-credentials auth against your Azure app registration

The Mail.Send application permission — send only

Sending from a mailbox you nominate, with HTML and attachments

A built-in connection test before you switch it on

A clean fall-back to SMTP or the built-in mailer if you prefer

Not included

Reading inboxes, calendars or contacts

Teams messages, OneDrive or SharePoint files

Single sign-on / logging in to TempClock with Microsoft

Inbound email — TempClock does not receive mail to your tenant

Optionally add User.Read.All so the setup screen can verify the mailbox exists — but Mail.Send alone is enough to send. Prefer a relay instead? See Twilio SendGrid or any SMTP host.

Other integrations

Sage 50 Payroll-ready CSV export Twilio SendGrid delivery for alerts

Building something custom? The REST API and HMAC webhooks let you connect any system.

Your tenant, your deliverability

Connect Microsoft 365, send a test in minutes, and let every TempClock email go out from your own domain. Tell us how your team runs email and we will help you set it up.

Talk to us See pricing

UK-hosted · Set up in under an hour · No app for your staff