System Overview

EasyLife 365 consists of several components hosted on Azure to provide the necessary provisioning logic and capabilities for all your users.

App

The EasyLife 365 Mail App is an Azure Web app responsible to host the user facing application. It is accessible through a web browser and directly through Teams. The authentication is ensured using a dedicated Azure AD application in the Microsoft Identity platform and can therefore be secured using Microsoft security standards.

The aim of the application is to provide an overview of the resources owned by a user with all the necessary compliance requirements. Users can also request new resources specified by users allowed to configure EasyLife 365 Mail through EasyLife 365 Mail Admin.

Admin

The EasyLife 365 Mail Admin is an Azure Web App hosting the configuration pages for EasyLife 365. It is accessible through a web browser and can be limited to selected users in your organization. You typically assign the permissions to this application to a small subset of administrators by using a security group. The authentication to the app is ensured by an Azure AD application in the Microsoft Identity Platform. Therefore, you can limit the access and force additional authentication techniques by using conditional access policies configured in your organization.

API

The EasyLife 365 Mail API is accessed by the EasyLife 365 Mail App and EasyLife 365 Mail Admin to manage the necessary information stored in the back-end storage. This Web App is secured through a dedicated Entra ID (Azure Active Directory) app using the Microsoft Identity Platform.

The EasyLife 365 Mail API uses Microsoft Graph to interact with the Microsoft 365 environment. The access to the endpoints is secured by using custom security scopes associated to your EasyLife 365 Apps and users.

Engine

The EasyLife 365 Mail Engine is an Azure Function that is responsible to provision new resources and performing regular compliance checks in your tenant. It is also responsible to send notifications to your users and administrators. It sends notification emails, it can also send notifications through Teams.

The engine can also send notifications to any other application or service using the Webhook feature.

The EasyLife 365 Mail Engine is a separate process and can be enabled or disabled in independently using settings. The Engine's operations are executed in the background.

Storage

The EasyLife 365 Mail configuration (e.g. templates, policies, unique keys) are stored in Azure Table Storages. The Storage account is accessible by the EasyLife 365 Mail API and EasyLife 365 Mail Engine.

Logging

Application Insights is used to log the operations performed by EasyLife. It will maintain 14 days of logs containing information about the metadata of Groups processed and e-mails of the users receiving notifications.

Microsoft Graph

Microsoft Graph is used by the EasyLife 365 components to interact with the Microsoft 365 tenant. Microsoft Graph is the data gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Microsoft 365, Windows 10, and Enterprise Mobility + Security.

Entra ID (Azure Active Directory)

The Microsoft Identity Platform is used in combination with Entra ID (Azure Active Directory) to secure the access to all EasyLife 365 components. The EasyLife 365 Mail App, EasyLife 365 Mail Admin, and EasyLife 365 Mail API have dedicated Entra ID (Azure Active Directory) app registrations that can be secured using techniques such as Conditional Access.