FAQs on OAuth Authentication for Mail Server
Why should I move to OAuth2.0?
Google and Microsoft will soon withdraw basic authentication support for mail servers by February 2021 and October 2020, respectively. Therefore, it is advisable for users to switch to OAuth authentication.
What are the supported mail servers in OAuth?
We have tested OAuth authentication with Microsoft Outlook (Office 365) and Gmail (G Suite/Google Workspace). Click the respective links to learn how to generate access tokens from these servers.
You can also connect to a different service provider, but SupportCenter Plus provides support only for Microsoft Azure (for O365) and G Suite (for Gmail).
What are the supported protocols in OAuth?
For outlook, we support EWS only.
For Gmail, we support IMAPS, SMTP, and SMTPS protocols.
Is OAuth supported by both Linux and Windows variants of SupportCenter Plus?
Currently, the OAuth support is available only for Windows variants of SupportCenter Plus.
What are the application requirements to configure OAuth?
For Microsoft Outlook, your application must be running in HTTPS mode.
For Gmail, your hostname must end with a public top-level domain (TLD) such as .com, .org, etc.
Can I configure OAuth for an existing mail account?
Yes. You can configure OAuth for an existing account.
Can I use an existing App/Project configured in my Authorization Server to authenticate SupportCenter Plus?
Yes, you can use the Client Details of your existing App/Project in your authorization server to authenticate SupportCenter Plus. Make sure that you add the Redirect URL of SupportCenter Plus to the App/Project and save it.
What is Redirect URL and where should I configure it?
Redirect URL or Reply URL is the URL to which the Authorization Server sends confidential response data. Copy-paste the Redirect URL to the application details in the Authorization Server and save it.
On clicking Save, I am getting an error stating "Redirect URL or reply URL invalid/mismatch". What should I do?
Check if you have added the application server's redirect URL to your authorization server's list of redirect URLs. Learn how to do this here. Ensure that you have saved the settings.
On clicking Save, a message displays stating "Redirecting to the configured server's authentication page", but nothing happens. Why?
A popup should appear, but browsers usually block popups. Make sure to look out for alerts or check the browser's URL bar if the popup is blocked. If yes, choose the option to allow pop-ups and try again. If it still fails, try using a different browser.
What will happen if user details are incorrect while signing in the user-consent window?
If the user details are incorrect, you will not be able to connect. Click Save to retry signing in.
After authenticating, the user-consent window becomes blank or redirects to the application login page. What should I do?
Check if the hostname you are accessing is the same as in the redirect URL. For example, when the redirect URL is https://helpdesk.zylker.com/ but you are accessing the application using the IP address, you will be redirected to the redirect URL from where you might not have signed in.
What will happen if my access token expires?
When your access token gets expired, a new access token will be automatically generated using the refresh token.
Do we get any notification if the access token expires?
Users will not be notified on the expiry of an access token. The application automatically generates a new access token.
Do refresh tokens expire?
Refresh Tokens may or may not expire depending on the configurations of your service provider.
How would I know if my refresh token expired?
When your refresh token expires, the corresponding portal's mail fetching/sending will fail as the application cannot authenticate the mail server.
What should I do if my refresh token expires?
If your refresh token has expired, you must generate new tokens from the authorization server by repeating the configurations given here.
What is my next step, if OAuth settings failed to connect to the mail server?
Check whether the account specified in the Mail Server Settings page and the one you signed in with are the same.
What will happen if I use a mail address or the same account in more than one portal?
You will not be allowed to configure the same account for mail fetching in more than one portal. However, you may configure the same account for mail sending in different portals.
Related Articles
OAuth Authentication for Mail Server
Introduction OAuth is a standard authorization protocol that provides delegated access to a protected resource using web tokens instead of passwords. With OAuth, resource owners can configure separate permissions for each client requesting access ...OAuth for Mail Server Configuration
Introduction OAuth is a standard authorization protocol that provides delegated access to a protected resource using web tokens instead of passwords. With OAuth, resource owners can configure separate permissions for each client requesting access ...Outgoing Mail Server Settings
Configure your organization's mail server to send emails. Outgoing mail server settings must be configured to trigger email notifications for the following settings. Two-Factor Authentication Backup Scheduling Security Settings Performance Settings ...Incoming Mail Server Settings
Configure your organization's mail server to receive and process incoming emails. You can use email protocols (POP, IMAP, POPS, or IMAPs), Exchange Web Services (EWS), or Microsoft Graph to connect SupportCenter Plus with the mailbox. Role Required: ...Troubleshooting Mail Server Settings
Troubleshooting Mail fetching problems After you configure the mail server, test the settings by fetching a sample mail. To do so, click the Fetch a sample mail button. If the settings are configured right and the connection is successful, the oldest ...