N O T I C E
MSPbots WIKI is moving to a new home at support.mspbots.ai to give you the best experience in browsing our Knowledge Base resources and addressing your concerns. Click here for more info!
Page History
The From field in MSPbots emails in MSPbots , notifications, and reports is customizable to use your company email instead of the default default support@mspbots.ai. This article shows how to change the sender's email address using the OAuth2 method for more secure authorization.
What's on this page:
Table of Contents | ||
---|---|---|
|
Background information
...
OAuth (Open Authorization) 2.0 is the modern standard to allow a website or application to access resources hosted by other web apps on behalf of a user. It adds security by providing consented access and restricting client actions performed on resources without sharing the user's credentials.
Now that basic authentication will be disabled and OAutho OAuth 2.0 is the new de facto industry standard for online authorization, MSPbots offers an option to add an extra authentication step in setting up the SMTP configuration for modifying the the From field address for outgoing emails and sending reports. Users now have the option to use OAuth 2.0 in the Outgoing Mail settings.
If you prefer using only the basic authentication to modify the Outgoing Mail settings, refer to the article How to Configure the Outgoing Mail Using Basic Authentication.
Prerequisites for editing the Outgoing Mail settings
...
You must have the following to perform the procedure below:
- Admin permissions
- Inclusion in the Azure Active Directory (AAD)
- Outlook 365 license
- Application and developer roles for configuring the AAD
Gathering the MS OAuth 2.0 credentials for authorization
...
Follow these steps to generate the required information:
...
hostname Prepare the redirect uniform resource identifier (URI) which will handle the callback from the authorization server after the user grants permission. You must configure the redirect URI correctly to receive the authorization code or access token securely.
An example of a redirect URI is
https://yourapp.com/oauth/callback
whereyourapp.com
is the hostname. is https://app.mspbots.ai/web/um/smtp/redirect. Once the authorization is successful, Microsoft will use this URI to notify MSPbots about the authentication result.You can find this information with the following steps:
Go to Settings > System > Outgoing Mail in MSPbots.
Click v icon beside the +Add button and select OAuth2.
When the Add window opens, go to the Redirect URI field, copy the given URL to Notepad, and save it on your Desktop. You will need this later when adding a New registration.Anchor Redirect URI Redirect URI
- Sign in to the Microsoft Azure portal and secure the credentials needed for the OAuth 2.0 authorization.
Create a new app registration.
On the Microsoft Azure homepage, click App registrations. . If you can't find App registrations on the page, search for it in the search bar.
When the App registrations page opens, click the +New registration tab.
In the Register an application form:
Name - Enter a Name unique namefor your application.
Supported account types -Select Account in this organizational directory only (MSPbots.ai only - Single tenant) from the options for Supported account types.
Enter the redirect URI from Step 1Redirect URI (optional) - In the first box, select Web, and in the second box, enter the Redirect URI copied from Step 1.c.
Click Register.
Next, go to Certificates & secrets
inon the sidebar menu, then click +New client secret on the right under the Client secrets tab.
On In the Add a client secret window:Anchor idandsecret idandsecret Description - Add a description.
Expires - Select an expiry date from the Expires dropdown menu.
Note Before the secret expires you must create a new secret and apply it to the MSPbots Outgoing Mail settings.
- Click the copy icon to copy the generated Value and Secret ID. You will use these values Add located at the bottom of the Add a client secret window.
The addition is successful once the Update application credentials pop-up window appears.
Click the copy icon in the Value column to copy the value to Notepad and save it on your Desktop. You will need this value later when configuring OAuth 2.0 in the mail settings.Anchor Value Value
.
Next, go to API Permissions on the sidebar menu.
- Click the +Add a permission button.
- In requesting API permissions window, go to the Microsoft APIs tab and select Microsoft Graph.
- Next, select Delegated permissions.
- Enter SMTP in the search bar under Select permissions, then click SMTP and select SMTP.Send.
- Enter IMAP in the search bar under Select permissions, then click IMAP and put a checkmark IMAP.AccessAsUser.All.
- Click the Add permissions button.
- The permissions you added will appear in the Configured permissions list.
- Click the +Add a permission button.
- Next, go to the Overview.
Click the copyicon next to the Application (client) ID to copy the value to Notepad and save it on your Desktop. You will also use this value for creating the OAuth 2.0 credential in the mail settings.Anchor Application (client) ID Application (client) ID - Click the Endpoints tab.
Next, go back to the Overview and click the Endpoints tab.
Copy the OAuth 2.0 authorization endpoint (v2) and the OAuth 2.0 token endpoint (v2) to your local desktopNotepad and save it on your Desktop, such as Notepad. You will also use these values for creating the OAuth 2.0 credential in the mail settings.Anchor authandtokenurl authandtokenurl Set API Permissions:
Navigate to API permissions on the sidebar menu and click the Add a permission button on the API Permissions page of your application.
Select the Microsoft APIs you need access to. Example: Microsoft Graph
Next, select Delegated permissions and enter SMTP.Send in the Select permissions field.
Click the Add permissions button.
Anchor | ||||
---|---|---|---|---|
|
...
- Open the MSPbots app and go .
- Go to Settings > System. Click , and click Outgoing Mail in the upper right corner of the Settings tabSystem page.
- Click Add v v icon on the right side of the +Add button and select OAuth2.
- Fill in the following fields :in the Add window.
- Host Name - Use the information in Step 1 of the previous sectionThis value is pre-filled.
- Authorization URL and Token URL - Use the values from Step 36.h of c of the previous section.
- Redirect URI - This value is pre-filled.
- Client ID - Use the values from Step 6.a of the previous section.
- and Client Secret - et Use the values generated in in Step 34.fc of the previous section.
- Username - Enter your username.
- Reply to - Enter your preferred email.
- Signature - Input your signature.
- Click Authorize.
- When the confirmation pop-up window opens, click Continue.
- On the Microsoft login screen, enter the user password you provided in the OAuth 2.0 credential and click Sign Inin.
- Click Accept in the Microsoft pop-up window with the requested requesting permissions for MSPbots.
- The message Authentication successful oauth redirect success appears.
Verifying if the authentication is successful
...
To Go back to MSPbots and refresh the Outgoing Mail page to verify if the configuration works, refresh the mailbox list page. The mailbox status should show show Verified for a successful authentication. If the status is Not Verified, repeat Step 4 onwards repeat Setting up OAuth 2.0 in MSPbots until the authorization is successful.
Related Topics
...
Content by Label | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|