At line 1 changed one line |
About OAUTH2 for authentication (for more information : [https://docs.microsoft.com/en-us/graph/auth-v2-user]).\\ |
About OAUTH2 for authentication: [https://docs.microsoft.com/en-us/graph/auth-v2-user]\\ |
\\ |
!!!Microsoft Graph Application Registration |
\\ |
It requires Microsoft Graph Application registration. Start at the Microsoft Azure portal:\\ |
[https://azure.microsoft.com/en-us/features/azure-portal/]\\ |
\\ |
__Application registration: __Go to the App registrations and click on New registration:\\ |
\\ |
\\ |
[attachments|new_registration.png]\\ |
\\ |
Name it. Select the Multitenant and personal Microsoft accounts type. The redirect URL must end with register_microsoft_graph_api/. Then click on register.\\ |
\\ |
{{{ |
http://localhost:9090/register_microsoft_graph_api/ |
}}} |
\\ |
[attachments|register_app.png]\\ |
\\ |
Under the redirect URL configuration enable the __Access Token__ to be issued by the authorization endpoint:\\ |
\\ |
[attachments|SMTP Microsoft Graph XOAUTH 2 Integration/enable_access_token.png]\\ |
\\ |
[attachments|SMTP Microsoft Graph XOAUTH 2 Integration/ms_client_secet.png]\\ |
\\ |
__API permission:__ You also need to provide permission for the Microsoft Graph. Go to the Api permission. Click on Add permission, and select Microsoft Graph. Choose Delegated permission and add the " |
SMTP. Send" or/and "IMAP.AccessAsUser.All" permission:\\ |
\\ |
[attachments|permission_microsoft_graph.png]\\ |
[attachments|permission_final.png]\\ |
\\ |
__Client id: __ You can find it at Azure portal -> App Registration -> Overview:\\ |
\\ |
[attachments|client_id.png]\\ |
\\ |
__Secret key:__ A new client secret also needs to be created. Go to the "Certificate & secrets" and generate a new secret key. Click on New client secret:\\ |
\\ |
[attachments|new_secret.png]\\ |
\\ |
__!!!Warning__: Make sure that the user's __SMTP AUTH__ is enabled, otherwise SMTP authentication will fail. See description: [https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/authenticated-client-smtp-submission].\\ |
__Office 365__:Navigate to the Microsoft 365 Admin Center. [https://admin.microsoft.com/Adminportal/Home?#/homepage]. Select the user and enable authentication for SMTP. SMTP authentication will fail without that permission. XOAUTH authentication requires user-delegated permission. It means the user must be a real user: __users with authentication possibility and with a product license__.\\ |
[attachments|auth_smtp_office_365.png]\\ |
\\ |
!!!SMTP settings\\ |
\\ |
Provide the SMTP server used for emailing (like smtp.office365.com)\\ |
Click on the "Get Refresh Token" button.\\ |
__In order to get the Refresh token, CrushFTP WebInterface's host and port number must match with the redirect URL specified at Azure Application Registration.__\\ |
Provide the Client Id and Secret (from Azure App Registration) and "common" for the tenant input field.\\ |
\\ |
[attachments|smtp_get_refresh_token.png]\\ |
\\ |
Click on the OK button, and allow CrushFTP to have access to send email. __Make sure you sign in with the Microsoft Account which has permission to send emails (Configured on Azure's App Registration)!!!__ (SMTP.send is user-specific permission) As the end of the result, the SMTP Username and Password will fill the Client ID and the Refresh Token.\\ |
It is required to provide the email from the address too. __!!!The Email From address must match the signed-in Microsoft user's email address (the Microsoft Account used to gain the refresh token) otherwise, the SMTP authentication will fail.__\\ |
\\ |
[attachments|smtp_from_email.png]\\ |
\\ |
!!!PopImapTask |
\\ |
Make sure the IMAP protocol is enabled for the user. See the description: [https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/pop3-and-imap4/enable-or-disable-pop3-or-imap4-access].\\ __Office 365__:Navigate to the Microsoft 365 Admin Center. [https://admin.microsoft.com/Adminportal/Home?#/homepage]. Select the user and enable the IMAP protocol at "Manage email apps".\\ |
Provide the host and click on the Get Refresh Token button.\\ |
__In order to get the Refresh token, CrushFTP WebInterface's host and port number must match with the redirect URL specified at Azure Application Registration.__\\ |
Because the email address is essential after you got the refresh token, the Mail Username input field needs to be modified.\\ |
Put your email address ended with a tilde(~) at the beginning of the Mail Username input field.\\ |
\\ |
{{{ |
Mail Username : <<your email address>>~<<what was before>> |
}}} |
\\ |
[attachments|pop_imap_task.png]\\ |
\\ |