All Collections
Mimecast
Permissions Mimecast
Permissions Mimecast
Scott Mullin avatar
Written by Scott Mullin
Updated over a week ago

In order for us to connect to your Mimecast account you will need to:

  1. Use a single User that has the only the permissions needed for timetoreply™ to work.

  2. Update the Authentication Cache TTL setting in the service user’s effective Authentication Profile to “Never Expire.”

This page provides a step by step guide to prepare a User for us to connect with.

We will use this User to get an access key which is required to authorize all requests to the Mimecast API.

Note: should you ever wish to cancel your account with timetoreply™ or simply prevent access, you can easily remove this User from your Mimecast account at any time. This will prevent timetoreply™ from having any access to your account. We do not store the password of the User you create with these instructions.

Step 1: Create a new user

  • Login to the Mimecast Administration Console.

  • Navigate to the Administration | Directories | Internal Directories menu item to display a list of internal domains.

  • Select the internal domain where you would like to create your new user.

  • Select the New Address button from the menu bar.

  • Complete the new address form and select Save and Exit to create the new user.

  • Keep a note of the password set as we will need this to connect to your account later.

Step 2: Add the User to a newly created Role.

  • While logged into the Mimecast Administration Console, navigate to the Administration | Account | Roles menu item to display the Roles page.

  • Click on the New Role button at the top.

  • Give the role a name and description, for example, ‘timetoreply™’ and ‘Role for timetoreply™’

  • For Security Permissions, select “Cannot Manage Roles”

  • For Application Permissions, unselect all options, then add just the following permissions:

  • Account Menu | Dashboard | Read, Edit

  • Archive Menu | Search | Read, Search Content View

  • Directories Menu | Internal | Read

  • Note: The Search Content View permission is Administrator-level permission. If you do not wish to grant this permission, you can also grant delegate permission for this User to all the Agents you plan to add to timetoreply™.

  • Save and Exit the role.

  • Navigate back to the navigate to the Administration | Account | Roles menu item to display the Roles page.

  • Right-click the role we just created and select Add Users to role.

  • Browse or search to find the new user created in Step 1

  • Select the tick box to the left of the user.

  • Select the Add selected Users button to add the User to the role.

Step 3: Create a new group and add your new user

  • While logged into the Mimecast Administration Console, navigate to the Administration | Directories | Profile Groups menu item to display the Profile groups page.

  • Create a new group by selecting the plus icon on the parent folder where you would like to create the group. This creates a new group with the Name “New Folder”

  • To rename the group, select the newly created “New Folder” group. Then from the Edit group text box type the name you want to give the folder, for example timetoreply™ Admin and press the Enter key to apply the change.

  • With the group selected, select the Build drop-down button and select Add Email Addresses.

  • Type the name of the new User created in Step 1.

  • Select Save and Exit to add the new User to the group.

Step 4: Create a new Authentication Profile

  • While logged into the Mimecast Administration Console, navigate to the Administration | Services | Applications menu item to display the Application Settings page.

  • Select the Authentication Profiles button.

  • Select the New Authentication Profile button.

  • Type a Description for the new profile.

  • If your organization connects with Mimecast using Active Directory or Domino Directory, set the Domain Authentication Mechanisms option to LDAP, otherwise leave the setting as default.

  • Set the Authentication TTL setting to Never Expires. This will make sure that when we generate your Authentication Token it will not expire and impact data collection by timetoreply™. timetoreply™ will not store the password of this User for security reasons. Doing this allows us to connect to Mimecast using only the API Token we will generate for you.

  • Leave all other settings as their default.

  • Select Save and Exit to create the profile.

Step 5: Create a new Application Setting

  • While logged into the Administration Console, navigate to the Administration | Services | Applications menu item to display the Application Settings page.

  • Select the New Application Settings button.

  • Type a Description.

  • Use the Group Lookup button to select the Group that you created in Step 3.

  • Use the Authentication Profile Lookup button to select the Authentication Profile created in Step 4.

  • Leave all other settings as their default.

  • Select Save and Exit to create and apply the Application Settings to your new group and user.

Step 6: Enter the details of your new User in the form below

  • Finally, you will need to whitelist our IP range from your Mimecast dashboard: 52.56.163.227

Did this answer your question?