System Overview
EasyLife 365 comprises several components hosted on Azure, providing essential provisioning logic and capabilities for all your users.
App
The EasyLife 365 Mail App is an Azure Web app that hosts the user-facing application. It is accessible via a web browser and directly through Teams. Authentication is managed using a dedicated Entra ID application in the Microsoft Identity platform, ensuring compliance with Microsoft security standards.
The application's primary goal is to provide users with an overview of the resources they own, along with necessary compliance requirements. Users can also request new resources specified by those authorized to configure EasyLife 365 Mail through EasyLife 365 Admin.
Admin
The EasyLife 365 Admin is an Azure Web App hosting the configuration pages for EasyLife 365. It is accessible through a web browser and can be restricted to selected users within your organization. Typically, permissions for this application are assigned to a small group of administrators using a security group. Authentication is handled by an Entra ID application in the Microsoft Identity Platform, allowing you to limit access and enforce additional authentication techniques through conditional access policies configured in your organization.
API
The EasyLife 365 Mail API is accessed by both the EasyLife 365 Mail App and EasyLife 365 Admin to manage the necessary information stored in the backend. This Web App is secured through a dedicated Entra ID app using the Microsoft Identity Platform.
The EasyLife 365 Mail API uses Microsoft Graph to interact with the Microsoft 365 environment. Access to the endpoints is secured by custom security scopes associated with your EasyLife 365 Apps and users.
Engine
The EasyLife 365 Mail Engine is an Azure Function responsible for provisioning new resources and performing regular compliance checks within your tenant. It also handles notifications to users and administrators via email and Teams.
Additionally, the engine can send notifications to other applications or services using the Webhook feature.
The EasyLife 365 Mail Engine operates as a separate process and can be enabled or disabled independently using settings. Its operations are executed in the background.
Storage
The EasyLife 365 Mail configuration (e.g., templates, policies, unique keys) is stored in Azure Table Storage. The Storage account is accessible by both the EasyLife 365 Mail API and EasyLife 365 Mail Engine.
Logging
Application Insights logs operations performed by EasyLife 365, maintaining 14 days of logs with metadata about processed groups and emails sent to users receiving notifications.
Microsoft Graph
Microsoft Graph is utilized by EasyLife 365 components to interact with the Microsoft 365 tenant. Microsoft Graph serves as the data gateway to information and intelligence in Microsoft 365, providing a unified programmability model to access vast amounts of data in Microsoft 365, Windows 10, and Enterprise Mobility + Security.
Exchange API
The Exchange API is used by EasyLife 365 components to interact with the Microsoft 365 tenant when support for Microsoft Graph is not yet available.
Entra ID
The Microsoft Identity Platform, in combination with Entra ID, secures access to all EasyLife 365 components. The EasyLife 365 Mail App, EasyLife 365 Admin, and EasyLife 365 Mail API each have dedicated Entra ID app registrations that can be secured using techniques such as Conditional Access.