Installing Virto Calendar in your own Azure

This document is a step-by-step technical guide for SharePoint and Microsoft 365 administrators who want to deploy the Virto Calendar App entirely inside their own Azure subscription and Microsoft 365 tenant, rather than relying on VirtoSoftware-hosted infrastructure.

This in-environment (self-hosted) deployment model is designed for organizations that need full control over where their data lives and how it is processed — typically enterprises in regulated industries such as legal, government, finance, and healthcare. When you deploy Virto Calendar this way, the app runs within your own security perimeter: your Azure App Service hosts the application, your Azure Table Storage holds the data, and your Azure AD (Entra ID) app registration governs authentication. No data leaves your environment, and no third-party servers are involved.

Prerequisites#

Before you begin, make sure your Azure infrastructure includes the following components:

• Azure App Service (Windows, .NET Framework 4.8 stack) to host the app.
• Azure Table Storage (a Storage Account) for data handling.
• A custom authorization app registered in your Azure AD (Entra ID) tenant.
• Administrator permissions in both your Azure subscription and your Microsoft 365 tenant.

Authentication uses the standard Microsoft OAuth 2.0 / OpenID Connect (OIDC) flow, and all data is accessed under the signed-in user’s credentials via delegated Microsoft Graph permissions — so users only ever see data they are already authorized to access. You can test the full setup in a non-production environment before rolling it out widely.

Deployment steps#

1. Add Web App#

We recommend using a custom domain to make the App URL readable.

After creating, download the publish profile:

We require it to deploy the app. Your admin can disable it later, however it will be required for any code updates.

2. Create Azure app#

Navigate to App Registration and add a Single Tenant App.

After registering, add the required permissions:

Add the Redirect URL:

Add a Client Secret:

and save it for later use.

Navigate to Overview and save the Application (client) ID and Directory (tenant) ID for later use.

3. Add Storage account (or use existing)#

and save the Storage Account connection string for later use.

4. Configure the deployed app#

When the app is deployed, navigate to the app and open Advanced Tools:

Choose any command:

Find web.config and open it for edit:

Insert the following data:

• AzureApp.ClientId — the Application (client) ID from your Azure app registration (saved in Step 2).
• AzureApp.ClientSecret — the client secret value you created and saved in Step 2.
• AzureApp.Tenant — the Directory (tenant) ID from your Azure app registration (saved in Step 2).
• StorageWestUS — the Storage Account connection string you saved in Step 3.

Save web.config. Now you’re all set!

Verify the deployment#

Open the Virto Calendar App from your App Service URL (or the custom domain you configured) and sign in with a Microsoft 365 account from your tenant. On first launch you will be prompted to consent to the requested permissions. After consent, confirm that calendars and events load correctly and that data is being written to your own Storage Account. Because the app uses delegated permissions, each user will only see the calendars and items they are already authorized to access.

Updating the app#

Keep the publish profile you downloaded in Step 1 in a secure location. It is required for any future code updates to the app. Your administrator can disable publishing access between updates and re-enable it when a new version needs to be deployed.