OAuth Authentication for Mail Server

OAuth Authentication for Mail Server

Introduction  

OAuth is a standard authorization protocol that provides delegated access to a protected resource using web tokens instead of passwords. With OAuth, resource owners can configure separate permissions for each client requesting access to the same resource and modify/revoke the access at any point of time.


To learn more about how OAuth works, click here.

For FAQS on OAuth, click here

Configuring OAuth for Incoming Mail Settings

To  configure OAuth for incoming mail settings,

  • Go to Admin >> Helpdesk >> Mail Server Settings >> Incoming.

  • Choose the Connection Protocol.

    • If you choose POP/IMAP/POPS/IMAPS:

      • Choose OAuth as the Authentication Type and provide the Server Name / IP Address of the mail server.

      • Enter the Username and Email Address(es) of the associated mailbox.

      • The Protocol is IMAPS and is non-editable, as OAuth authentication is supported for IMAPS only.

      • The relevant Port will be auto-populated. You can modify the port if required.



  

    • If you choose EWS:

      • Choose OAuth as the Authentication Type and enter the Connect URL.

      • Enter the Email Address and Username of the associated mailbox.


 
  • Obtain Client ID, Client Secret, Authorize URL, Access Token URL, and Scope from the authorization server using the Redirect URL. We have tested mail fetching for EWS with Azure and Java Mail API with Gsuite. Click the link to know the step-by-step instructions to generate the client details from these servers.
  • Enter the time interval (in minutes) to fetch emails.

  • Select Enable Email Debug if required. This is used to analyze problems in fetching/sending emails.

  • Select Disable new request creation by email if you do not wish to add incoming emails as new requests.

  • Click Save.   The user consent window of the mail server pops up.

  • Provide your login credentials and submit your consent for the permissions.

  • A success message displays upon establishing a secure connection.

 

The application can now fetch emails from the mail server configured with OAuth authentication.


Configuring OAuth for Outgoing Mail Settings 

To configure OAuth for incoming mail,

  • Go to Admin >> Helpdesk >> Mail Server Settings >> Outgoing.

  • Choose the Connection Protocol. 

    • If you choose SMPT/SMPTS:

      • Choose OAuth as the Authentication Type and enter the Server Name/IP Address, Alternate Server Name/IP Address. 

      • Provide the Sender Name and Reply to email address.

      • Enter the Username of the associated mailbox and choose the Protocol.

      • Enable TLS if required.

      • The relevant Port will be auto-populated. You can modify the port if required.

 



    • If you choose EWS:

      • Provide the Connect URL and the Username of your mail box.

      • Enter the Sender Name, and Reply to email address.



 
  • Obtain Client ID, Client Secret, Authorize URL, Access Token URL, and Scope from the authorization server using the Redirect URL. We have tested mail sending for EWS with Azure and Java Mail API with Gsuite. Click the link to know the step-by-step instructions to generate the access tokens from these servers.

  • Click Save. The user consent window of the mail server pops up.

  • Provide your login credentials and submit your consent for the mentioned permissions. The configuration is completed with the display of a success message.

 

The application can now send emails from the mail server configured with OAuth authentication.

    • Related Articles

    • OAuth for Mail Server Configuration

      Introduction   OAuth is a standard authorization protocol that provides delegated access to a protected resource using web tokens instead of passwords. With OAuth, resource owners can configure separate permissions for each client requesting access ...
    • FAQs on OAuth Authentication for Mail Server

      Why should I move to OAuth2.0?  Google and Microsoft will soon withdraw basic authentication support for mail servers by February 2021 and October 2020, respectively. Therefore, it is advisable for users to switch to OAuth authentication. What are ...
    • Mail Server Configuration

      Mail server configuration is essential to receive requests via email, send notifications, surveys etc. This is a portal-specific configuration.  To configure a mail server, go to Admin > Main Settings > Mail Server Settings.   Configuring Settings ...
    • Configuring GSuite as the Authentication Server

      To configure G Suite as the authentication server, Log in to console.developers.google.com. In the dashboard, click Create to create a new project. Enter the Project Name. Under Location, click Browse and select the parent organization. Click ...
    • Configuring Azure as the Authentication Server

      To configure Azure as the authentication server, Log in to portal.azure.com. Under Azure services, click App registrations >> New registration. In the displayed page, enter a Name of your choice and choose the Supported account types. Under Redirect ...