home

CLM for Salesforce

Adobe Sign ServicesAdvantage Platform AdministrationApprovals for Advantage PlatformApprovals for SalesforceBilling for Advantage PlatformBilling for SalesforceCLM for Advantage PlatformCLM for SalesforceContracts for SalesforceCollaborateComposer for Advantage PlatformComposer for SalesforceContractsConga for Google DocsConga Upgrade ProgramContract Intelligence (Standalone)CPQ for Advantage PlatformCPQ for SalesforceDeal MaximizerDigital Commerce for Advantage PlatformDigital Commerce for SalesforceDiscovery AI for Advantage PlatformDiscovery AI for SalesforceDocusign ServiceseSignature Integration with Advantage PlatformGridInvoice GenerationMix FormsOrchestrateOrder Management for Advantage PlatformOrder Management for SalesforcePartner Commerce for Advantage PlatformPartner Commerce for SalesforceQuote GenerationSign for Advantage PlatformSign for SalesforceSmart SearchTurboEnginesX-Author for Contracts 1.0 (Classic)X-Author for ContractsX-Author for Contracts Advanced for Advantage PlatformX-Author for Contracts Advanced for SalesforceX-Author for ExcelX-Author for Migration ManagerRelease NotesGeneral
Adobe Sign ServicesAdvantage Platform AdministrationApprovals for Advantage PlatformApprovals for SalesforceBilling for Advantage PlatformBilling for SalesforceCLM for Advantage PlatformCLM for SalesforceContracts for SalesforceCollaborateComposer for Advantage PlatformComposer for SalesforceContractsConga for Google DocsConga Upgrade ProgramContract Intelligence (Standalone)CPQ for Advantage PlatformCPQ for SalesforceDeal MaximizerDigital Commerce for Advantage PlatformDigital Commerce for SalesforceDiscovery AI for Advantage PlatformDiscovery AI for SalesforceDocusign ServiceseSignature Integration with Advantage PlatformGridInvoice GenerationMix FormsOrchestrateOrder Management for Advantage PlatformOrder Management for SalesforcePartner Commerce for Advantage PlatformPartner Commerce for SalesforceQuote GenerationSign for Advantage PlatformSign for SalesforceSmart SearchTurboEnginesX-Author for Contracts 1.0 (Classic)X-Author for ContractsX-Author for Contracts Advanced for Advantage PlatformX-Author for Contracts Advanced for SalesforceX-Author for ExcelX-Author for Migration ManagerRelease NotesGeneral

Conga Product Documentation

Welcome to the new doc site. Some of your old bookmarks will no longer work. Please use the search bar to find your desired topic.

Show Contents

Show Page Sections

CLM for Salesforce

Managing Microsoft 365 Review

download

Setting Up Microsoft 365 Review

When a review cycle is initiated for an agreement document in the Conga CLM application, the document is temporarily stored in SharePoint. The reviewers can collaboratively review and edit the document and view live changes. Once the review cycle for the document has ended, the document is removed from SharePoint. You need to set up various configurations in Conga CLM, SharePoint, and Azure App for these applications to communicate with each other for document reviews through Microsoft 365.

This section describes how to set up Office 365 review by configuring the remote site settings, Azure app, and Office 365 settings.

Prerequisites

  • You have subscribed to Microsoft 365 E3 or E5.
  • Azure Client ID, Client Secret, and Active Directory are available. Contact your IT administrator to get these.
  • Users are allowed to use Microsoft 365. For more information, see Prerequisites for Parallel Review.
  • The following comply system properties are configured:
    • Parallel Review property is enabled
    • XAJS End Point property with X-Author for Contracts 2.0 (XAJS) URL
    • Enable Document Versioning property is enabled
  • The following email templates are configured and available out-of-the-box. You can make the necessary changes to the content as per your requirement. For more information, see Configuring Classic Email Templates.
    • Agreement Office365 External Review Notification
    • Agreement Office365 Internal Review Notification
    • Agreement Office365 Review Notification
    • End Review Office 365
    • Office365 Review Cycle Cancel Notification

To create a dedicated SharePoint site (Optional)

When an Microsoft 365 review cycle is initiated, CLM application temporarily stores the agreement documents in a SharePoint site. You can use your organization's default site for the CLM to store documents for review or create a site in your organization's SharePoint dedicated for this purpose. Within the dedicated site, you can also create a folder where CLM should store all the documents for review. If you do not create a folder, SharePoint creates a default folder in the configured site and adds all documents for review to the default folder.

To use the default site, skip this section and proceed to the next section.

To use a dedicated site for review documents, create a SharePoint Communication Site. For more information, see Create a Site in SharePoint and Overview of external sharing in SharePoint and OneDrive in Microsoft 365 (Microsoft documentation).

Note:

Copy the site name and save it securely. You will need it while specifying Sharepoint site name in Microsoft 365 settings.

To collect the Azure client ID and client secret from the Azure portal

  1. Log in to the Azure portal as an administrator.
  2. Select Azure Active Directory.
  3. Select App registrations.
  4. Select New registration and enter Conga CLM Application.
  5. Click Register.
  6. From the left navigation bar, select Overview.
  7. Copy the Application (Client) ID and save it securely. You will need it while configuring Microsoft 365 settings.
  8. From the left navigation bar, select Certificates & secrets.
  9. Click New client secret.
  10. Add a description, select the validity duration, and select Add. The value of the client secret is displayed. Copy this value and save it securely. You will not be able to retrieve the key later.

To configure flows in the Azure app

You need to provide the required permissions to the Azure app for all the reviewers to allow the Azure app to create folders and files. You can use one of the following flows to facilitate interaction between the Azure app and SharePoint.

  • Application Flow: The Azure app can directly interact with SharePoint without a signed-in user present. The Azure app can access any data that the permission is associated with. For example, if the Azure app is granted the Files.Read.All application permission, it will be able to read any file in Sharepoint. For more information, see Application permissions (Microsoft Documentation) and Application access (Microsoft Documentation).
  • Delegated Flow: The Azure app cannot interact with SharePoint without signed-in user present. Both the review initiator and the Azure app must have permission to create a folder or file and add permission in SharePoint. When sending a document for review, the review initiator must log in every time. Hence, this is a restrictive flow. For more information, see Delegated permissions (Microsoft Documentation) and Delegated access (Microsoft Documentation).

Application Permission flow

  1. Select API permission under API Permission > Add permission > Microsoft Graph > Application Permission.
  2. Provide the following permissions for Microsoft Graph APIs:

    API Permission

    Alternate Permission for Restricted Access

    User.Read.All

    User.Read.All

    Files.ReadWrite.All

    Sites.Selected

    Note:

    Note

    Ensure that the SharePoint Admin has granted Azure app, write access to the configured SharePoint site. For more information, see Granting Access to SharePoint Site.

    Sites.Read.All

    Not applicable

  3. On the API Permissions page, click Grant admin consent for the permissions where "Admin consent required" is "Yes".

Delegated Permission flow

  1. In the authentication tab from the Azure app that you had created in the previous configuration, add a URI with the org's instance URL and with the suffix as /apex/apttus__MSAuthorize appended.

    Sample value: https://test–tbox.my.salesforce.com/apex/apttus__MSAuthorize

  2. Select API permission under API Permission > Add permission > Microsoft Graph > Delegated Permission.
  3. Provide the following permissions for Microsoft Graph APIs:

    API Permission

    Alternate Permission for Restricted Access

    User.Read.All

    User.Read.All

    Files.ReadWrite.All

    Sites.Selected

    Note:

    Note

    Ensure that the SharePoint Admin has granted Azure app, write access to the configured SharePoint site. For more information, see Granting Access to SharePoint Site.

    Sites.Read.All

    Not applicable

  4. On the API Permissions page, click Grant admin consent for the permissions where "Admin consent required" is "Yes".

To configure remote site settings in CLM

Remote Site Settings control access to external web resources from your Salesforce organization. These resources can include services, APIs, or websites that your Salesforce organization needs to communicate with. By default, Salesforce blocks calls to external URLs from within its platform due to security considerations. You can use Remote Site Settings to explicitly allow these calls.

For Microsoft 365 review, you need to configure Remote Site Settings to maintain a secure environment while allowing your Salesforce organization to interact seamlessly with Sharepoint application. You need to add remote sites for Microsoft 365 login, MS Graph URL, and SharePoint URL.

  1. Go to Setup > Security > Remote Site Settings.
  2. Click New Remote Site.
  3. Enter a descriptive remote site name for Microsoft 365 login.
  4. Enter https://login.microsoftonline.com/ in the Remote Site URL field for the Microsoft 365 login.
  5. Select the Active checkbox.
  6. Click Save & New.
  7. Enter a descriptive remote site name for MS Graph URL.
  8. Enter https://graph.microsoft.com/ in the Remote Site URL field for the MS Graph URL.
  9. Select the Active checkbox.
  10. Click Save & New.
  11. Enter a descriptive remote site name for SharePoint URL.
  12. In Remote Site URL field, enter the remote site URL for the SharePoint URL.
    Note:

    The SharePoint URL is specific to your domain and Microsoft license.

  13. Select the Active checkbox.
  14. Click Save.

To configure the Microsoft 365 custom settings in CLM

Note:

You can add multiple Microsoft 365 settings but can activate only one setting at a time.

  1. Click the App Launcher () icon in the upper left-hand corner of the Home screen.
  2. From the App Launcher, search and select Office 365 Settings.
  3. Click New.
  4. Enter the following details to connect to Microsoft 365:
    1. Name: Office365
    2. MS Login URL: Enter the Microsoft 365 login URL to connect to the service. To find Tenant Id, see How to find your Azure Active Directory tenant ID (Microsoft Documentation).

      Sample value:

    3. MS Graph URL: Enter the Microsoft 365 URL to connect to the service.

      Value: https://graph.microsoft.com/v1.0/

    4. Scope: Enter the scope to be used in the Microsoft 365 Graph API.
      Note:

      Make sure your values match those of the configured authentication flow.

      For application flow (Permit Delegation is disabled in the Microsoft 365 setting): https://graph.microsoft.com/.default For delegated flow (Permit Delegation is enabled in the Microsoft 365 setting): offline_access Files.ReadWrite.All

    5. Client Id: Paste the client ID you saved while registering CLM application to Azure Active Directory. Refer To collect the Azure client ID and client secret from the Azure portal section.

      Sample value: 8m7r4**d-****-4c**-b4d8-e4a6b***79b

    6. Client Secret: Paste the client secret you saved after registering CLM application to Azure Active Directory. Refer To collect the Azure client ID and client secret from the Azure portal section.

      Sample value: taiLWUY*****38&7B%400$5234c***UY%

    7. Show Client Secret: Select the checkbox to expose the Client Secret field value momentarily.
    8. SharePoint Site: Paste the site name you saved while creating the Sharepoint site. For more information, see To configure a specific SharePoint site. Ensure you do not include the site URL.

      Sample value: CLMsite

      Note:

      If no SharePoint site is configured then the system uses the organization's default site.

    9. Folder Path: Enter the folder path to upload documents to SharePoint.

      Sample value: ContractDocuments

      Note:

      If the folder path is blank, the system creates a folder named "Conga CLM Temp Folder" to store the documents to be reviewed.

    10. Permit Delegation: After you log in to Microsoft, select the Permit Delegation checkbox, enabling users to grant delegate access.
      Note:

      Select the Permit Delegation checkbox only if you configured your Azure app for delegated flow.

    11. Allow Accept/Reject from Third Party: Select the checkbox to allow external reviewers to accept or reject changes in the documents sent to them for review through Send for Microsoft 365 Review.
    12. Active: Select the Active checkbox to activate the Microsoft 365 setting.
  5. Click Test Connection to check if all the entered values are correct.
    Testing connection successful message is displayed if the connection is established, else an error message displayed.
  6. Click Save.
Administrator Guide
CLM

January 7, 2025