Microsoft Exchange
This is a Cloud-only feature (available in Free and Professional plan).
Seatsurfing can sync bookings to your organization's Microsoft Exchange room calendars. When a booking is created, updated, or deleted in Seatsurfing, the corresponding Exchange Room Calendar is updated automatically — keeping your room calendars in sync without any manual effort.
This is a one-way sync: bookings flow from Seatsurfing into Exchange. Bookings made natively in Exchange are not synced back to Seatsurfing.
Prerequisites
- A Microsoft 365 tenant with Exchange Online.
- Permissions to create an Azure AD App Registration and configure Application Access Policies in Exchange Online.
Step 1: Create an Azure AD App Registration
- Sign in to the Azure Portal and open Azure Active Directory → App registrations → New registration.
- Give the app a descriptive name (e.g., Seatsurfing Exchange Sync) and register it.
- Note down the Tenant ID and Client ID — you'll need these in Seatsurfing.
- Under Certificates & secrets, create a new Client secret and copy its value immediately.
- Under API permissions, click Add a permission → Microsoft Graph → Application permissions → search for
Calendars.ReadWriteandPlace.Read.Alland add it. - Click Grant admin consent for the aforementioned permissions.
Step 2: Configure Exchange Integration in Seatsurfing
In the Seatsurfing Administration UI, navigate to Cloud Features and locate the Microsoft Exchange section:
- Enabled: Toggle to activate the integration for your organization.
- Tenant ID: The Directory (Tenant) ID of your Azure AD.
- Client ID: The Application (Client) ID of the App Registration.
- Client Secret: The client secret value created in Step 1.
Click Save to store the settings.
Use the Test Connection button to verify that Seatsurfing can authenticate with the Microsoft Graph API using the saved credentials. The button is only active when there are no unsaved changes — save your settings first, then test.
Step 3: Set room email addresses on spaces
For each space (e.g., a conference room) that should be synced to Exchange, set its Exchange Room Email Address. You can access the page by clicking the "Manage room mappings" button.
Spaces without a room email address are not synced to Exchange.
How the Sync Works
Once configured, Seatsurfing asynchronously syncs booking events to the corresponding Exchange room calendar:
| Seatsurfing Event | Exchange Action |
|---|---|
| Booking created / approved | Calendar event created in room calendar |
| Booking updated | Calendar event updated |
| Booking deleted | Calendar event deleted |
The sync runs in the background. If the Microsoft Graph API is temporarily unavailable, Seatsurfing retries automatically with exponential backoff (up to ~15 minutes across 5 retries).
Monitoring Sync Errors & Queue status
You can view the status of the synchronization queue as well as failed sync jobs by clicking the "View sync queue" button.
Security notes
- The Client Secret is encrypted at rest using AES-256-GCM. The plaintext secret is never returned by the Seatsurfing API.
- Credentials are stored per organization and are not shared across organizations.
- The sync payload stored in Seatsurfing's database contains user display names, space names, and room email addresses — but no OAuth2 credentials.
Optional Settings
We recommend setting the following properties using Exchange Online PowerShell:
Set how the events created via the API are processed by Exchange:
Set-CalendarProcessing `
-Identity "boardroom@contoso.com" ``
-AutomateProcessing AutoAccept `
-DeleteSubject $false `
-AddOrganizerToSubject $false `
-DeleteComments $false `
-RemovePrivateProperty $false `
-ProcessExternalMeetingMessages $true
Only show limited details for the created events:
Set-MailboxFolderPermission `
-Identity "boardroom@contoso.com:\Calendar" `
-User Default `
-AccessRights LimitedDetails
To ensure Seatsurfing can only access room mailboxes and not personal user mailboxes, create an Application Access Policy in Exchange Online PowerShell:
- Create a mail-enabled security group and add all room mailboxes to it.
- Apply the policy using Exchange Online PowerShell:
New-ApplicationAccessPolicy `
-AppId <ClientID> `
-PolicyScopeGroupId <RoomMailboxGroup> `
-AccessRight RestrictAccess `
-Description "Restrict Seatsurfing to room mailboxes only"
Replace <ClientID> with the Application (Client) ID from Step 1 and <RoomMailboxGroup> with the email address of the security group.