Learn the basics about how AskCody integrates with your organization's Microsoft Exchange environment
Integrating the AskCody Platform with your Microsoft Exchange Server or Exchange Online tenant (Office 365) is an important and key step in setting up the AskCody Portal. Instead of moving directly to setting up the integration, we would like to explain how we integrate because this will provide insight into the requirements of setting up an integration like the one between AskCody and Exchange.
The AskCody cloud
Benefitting from Microsoft’s unmatched scale and experience running trusted enterprise cloud services around the globe, AskCody is built on Microsoft Azure. With AskCody being a Microsoft ISV Partner, we can take advantage of the Microsoft Azure Cloud more quickly while reducing security and compliance costs and minimizing risk to your organization.
When you invest in a cloud service, you must be able to trust that your data is safe, that data privacy is protected, and that you own and control your data in all its uses.
AskCody is divided into a European and North American setup due to data regulations. Customers in North America will only have data processed in North America, while European customers will only have data processed in Europe. Learn more about how AskCody processes data in our Data Processing section on HelpCenter.
AskCody is fully compliant with GDPR, is ISAE 3000 certified, and is built intelligently where all meeting data stays natively on Microsoft Exchange. You can learn more about our data center and our information security compliance with GDPR by following the links above.
AskCody - An intelligence layer on top of your Microsoft infrastructure and backbone integrating natively with Microsoft
AskCody integrates with Microsoft Exchange using Exchange Webservices Managed API and integrates with and shares data using Microsoft EWS. Microsoft EWS is built-in and a native part of Microsoft Exchange and Microsoft Exchange Online that is used to share data with third parties like AskCody. Microsoft EWS, therefore, must be enabled and available for AskCody to access directly.
This means that EWS must be turned on and always available. We don’t recommend having a load balancer in front of your EWS access since this can impact the performance and stability of AskCody. We highly recommend to always integrate AskCody with Microsoft Exchange using EWS directly and not routed through any form of load balancer.
Integrating with Microsoft Exchange using EWS, AskCody works as an intelligence layer living on top of your Microsoft infrastructure, leveraging the power of the robust and scalable Microsoft backbone. Exchange EWS is always available in your Microsoft Exchange infrastructure no matter if you are on-prem using Exchange Server or online with Exchange Online, and therefore just need to be made available to AskCody (as default EWS is available)
Integration with Microsoft Exchange and accessing data in your Microsoft backbone is done using one of two authentication methods depending on Exchange Server or Exchange Online. These are referred to as Basic and Modern Authentication. It’s up to you to decide which method you want to use based on your version of Microsoft Exchange. You’ll learn more about this in the next part.
Accessible meeting data in Microsoft Exchange
All meeting data in Microsoft Exchange and room mailboxes are requested and accessed using EWS on demand (when data is being used). When AskCody needs to access Exchange data it is requested from Exchange directly and not from an AskCody database. This however does not regard data used in the AskCody Insights module, see the section “AskCody Insights handling of meeting data”. If the integration with Exchange is disabled or removed AskCody will no longer have access to Exchange Data. Therefore, AskCody needs a stable, direct integration with Microsoft EWS.
Meeting data in Exchange needed for a given AskCody module or feature to function is requested via the AskCody Platform and the integration with Exchange via EWS. This is, for example, the case when showing meeting data on a Meeting Room Display or searching for the most suitable room in the AskCody Workplace Add-In for Outlook. All personally identifiable information (PII) from meeting data, stay in Exchange and is only displayed and used when needed for a certain module or feature to function.
Meeting data that AskCody can access in Exchange Server and Exchange Online via EWS:
|Organizer name||Name of meeting organizer.|
|Organizer address||The email address of the meeting organizer.|
|Meeting Subject||The exact value depends on configuration.|
|Start time||The start time of the meeting.|
|End time||The end time of the meeting.|
|Attendees||Name and email address of attendees.|
|Resources||Name and email address of resources.|
|Item ID||Exchange identifier for the meeting.|
|Object ID||Immutable Exchange identifier for the meeting.|
|Location||Location string from the meeting.|
|Private||Whether the meeting is private. Will mask organizer, subject, location, and description on signage modules.|
This is the only data AskCody can access and process in Microsoft Exchange. No emails or attached files or documents to meeting invites are accessed or processed. For more information and details on data processing, please see our Data Processing Agreement.
No access to personal mailboxes
AskCody only processes data in calendar mailboxes and the Exchange data points listed above. AskCody does not access personal mailboxes or personal emails.
Access to this data is further controlled in Data Processing Agreements between AskCody and the Customer.
AskCody Insights handling of meeting data
AskCody provides the Insights module as a tool to analyze and understand meetings held and bookings made, which enables organizations to make decisions that maximize the value from their office space. AskCody Insights is built on Microsoft Power BI and Microsoft Azure Data factory to be able to harness large amounts of meeting data and condense this into tangible analytics. To achieve these analytics meeting data from Exchange is stripped from any personal identifiable information (PII) before processed and stored in the AskCody Azure Data factory.
See the article on Insights data collection for more information. https://help.askcody.com/workplace-insights-data-collection
Meeting room resources in Microsoft Exchange
First of all, AskCody leverages Exchange as a data model for meeting rooms as shown in the figure.
Therefore, you must have all meeting rooms and desks in Exchange as a “room mailbox”. This is where all meeting data, meeting invitations, and more are stored.
If your don't already have all room mailboxes you would like to access in AskCody Portal in Exchange as room mailboxes, then adding these mailboxes to Exchanges is the first thing you need to do to prepare your Exchanges environment to get started with AskCody.
A room mailbox is a resource mailbox that is assigned to a physical location, such as a conference room, an auditorium, or a training room. With room mailboxes, users can easily reserve these rooms by including room mailboxes in their meeting requests from Outlook and AskCody. When they do this, the room mailbox uses options you can configure to decide whether the invite should be accepted or denied.
This guide will help you set up “room mailboxes” in Microsoft Exchange.
When adding room mailboxes to Exchange, we recommend enabling Automate Processing for the meeting room resource. For more information about Automate Processing, please go to TechNet. Automate Processing allows “meeting responses” to be sent to the user when a resource is booked. Automate Processing is required for all resource calendars because it will prevent double bookings or “conflicts”.
If Automate Processing isn't enabled, booking conflicts might happen, and booking confirmations and rejections would be handled manually.
Setting up booking policies and scheduling permissions to comply with business policies and procedures
After setting up meeting rooms as room mailboxes, now configure the right booking options or scheduling permissions for your rooms. This is important to help you manage your meeting rooms and booking the way that supports the needs and wants of your organization and to help you optimize the way people can book meetings.
After creating the room calendar in Microsoft Exchange (room mailbox), we recommend that you perform the additional configuration of policies based on the needs of your organization.
For AskCody to perform as it should it is important to ensure that the different scheduling permissions and booking options are configured correctly. You have multiple options that can impact the way meeting rooms can be booked. You can learn all about the different configuration options in the article.
Scheduling Options and Scheduling Permissions (or booking policies) allows you to change the settings for the booking policy that defines when a room can be booked, how long it can be booked for, and how far in advance it can be booked.
All booking options or scheduling permissions are handled by Exchange and inherited by AskCody. This is why it is important to configure these options before you integrate your meeting rooms with the AskCody Platform.
When scheduling options and scheduling permissions are changed, changes are immediately inherited by AskCody. Scheduling options can always be changed afterward. AskCody automatically uses these settings from Exchange with no further configuration needed.
Microsoft Exchange uses 180 days as standard for a maximum of days in advance a meeting room can be booked and always decline meetings if they are booked beyond this date. If you would need to book meetings more than 180 days in advance, this should be changed accordingly to your needs.
Also, Microsoft Exchange uses 1440 minutes (24 hours) as the maximum length of a meeting. If you need to book all-day meetings across multiple days or make room reservations for more than 24 hours, this should be changed.
Scheduling options and permissions is a smart way to start optimizing your meeting room booking policies and processes. You can limit the duration of meetings in your meeting rooms to create shorter meetings or optimize utilization, or you can limit who has access and permissions to book certain rooms. We recommend that you start with simple, default settings if you don’t have a clear policy in place that is communicated and implemented through the organization since this is often a reason for many misunderstandings.
Enable TLS 1.2 with Exchange
To make the integration with Microsoft Exchange secure and reliable, TLS 1.2 is a requirement for AskCody to integrate with Microsoft Exchange. This means, TLS 1.2 is enabled and activated on your Exchange setting up Microsoft Exchange Server with AskCody (support for TLS 1.0 and 1.1 is deprecated).
In some cases, the recommended TLS version (1.2) is not enabled even though it is supported in the Exchange versions supported by AskCody. Please make sure that TLS 1.2 is enabled for both client and server requests.
AskCody recommends the following guidance from Microsoft. The article goes step-by-step through the process of making sure TLS 1.2 for outbound (client) traffic on HTTPS is enabled and this is a requirement for AskCody in order to track meeting changes.
Testing Exchange settings
Every Exchange environment is unique, as its configurations vary according to the business rules of every organization. However, to make sure that the selected settings follow the rules of your organization, you can try booking a meeting with a meeting room using the AskCody Bookings Add-in (if you already have it available on your Outlook ribbon) or directly with Outlook and check how does the resource (meeting room) handles the meeting invite. Amongst the things to consider, examples can be:
- Did the meeting room process the invitation automatically? If you got a response (whether accepting or rejecting the invite) within a minute of booking the meeting room, then it did. In case it should not, please change this scheduling option in the meeting room's Exchange settings. In case the meeting room needs to have a delegate (a person who accepts or rejects the requests made to the meeting room), please make sure to assign the right person to it.
- In case the event lasts longer than 24 hours, did the meeting room accept the request? In case it did not, please change the maximum allowed time to the desired time-frame greater than 24 hours or remove the limit for the duration of the events in the meeting room's Exchange settings.
- Did the meeting room accept the meeting invite, but it already had a meeting booked for the same timeframe? In case it did, and this is an unintended behavior, please disable the option for allowing conflicts in the meeting room's Exchange settings.
- In case you want specific people to have access to the resource, please make sure that the right Active Directory groups or specific people from your organization are selected under the meeting room's scheduling permissions.
Next step: Integrating Microsoft Exchange with AskCody.