Howto16r1:Configure OAuth2 E-Mail: Difference between revisions

Revision as of 12:26, 2 October 2025

FIXME: This product is in the beta phase and is not yet finished

innovaphone PBX and apps can be configured to send E-Mails for various subjects and purposes. Major E-Mail providers intent to discontinue the username/password authentication schemes in favour of OAuth2. PBX and Apps version 16r1 does support OAuth2 authentication for SMTP. Here is a step by step guide how to set up OAuth2 support in Microsoft 365 through the Azure Portal.

Microsoft 365

Log in to Microsoft Azure Portal (https://portal.azure.com) and go to Microsoft Entra ID.

Add a new app registration to create client credentials.

Register the application and maybe already fill in the redirect URI for Web based application type to path OAUTH2-CLIENT/auth.htm at the PBX.

App registration is complete. Client ID and tenant needs to be configured at the PBX and every app that will be sending e-mails.

Create a client secret.

Copy the client secret. It also needs to be configured at the PBX and every app that will be sending e-mails.

Add permissions located in APIs my organization uses.

/AzureAddApiPermissionMyOrganization.png

More precisely located in Office 365 Exchange Online.

And there in the application permissions.

Namely SMTP Mail.Send.

Grant admin permission for Mail.Send.

API permissions are now granted.

Tell all redirect URIs that the PBX and the apps will be using during interactive authorization.

Allow public client flows of OAuth2. Resource Owner Password Credentials Flow has the advantage that it doesn't need interactive authorization.

Log in to the Microsoft 365 admin center (https://admin.cloud.microsoft).

Make sure that Microsoft 365 licenses are assigned to your user.

Set your user active.

Locate the Mail tab of your user.

Allow authenticated SMTP.

Login to the Exchange admin center (https://admin.exchange.microsoft.com).

Remove deactivation of the SMTP AUTH protocol.

With this Microsoft setup the OAuth2 configuration for the resource owner password credentials flow can be filled in as follows.

/OAuth2ResourceOwnerPasswordCredentials.png

For interactive authorization this is the OAuth2 configuration. Authorize e-mail access one time and send a test mail to verify everything went well.

@@ Line 34: / Line 34: @@
 Log in to the Microsoft 365 admin center (https://admin.cloud.microsoft).
 [[File:MS365AdminCenter.png|none|thumb|600x600px|/MS365AdminCenter.png|/MS365AdminCenter.png]]
-Assign Microsoft 365 licenses to your user.
+Make sure that Microsoft 365 licenses are assigned to your user.
 [[File:MS365UserLicenses.png|none|thumb|600x600px|/MS365UserLicenses.png|/MS365UserLicenses.png]]
 Set your user active.
@@ Line 47: / Line 47: @@
 [[File:ExchangeRemoveDeavtivatedOAuth2.png|none|thumb|600x600px|/ExchangeRemoveDeavtivatedOAuth2.png|/ExchangeRemoveDeavtivatedOAuth2.png]]
 With this Microsoft setup the OAuth2 configuration for the resource owner password credentials flow can be filled in as follows.
-[[File:OAuth2ResourceOwnerPasswordCredentials.png|none|thumb|600x600px|/OAuth2ResourceOwnerPasswordCredentials.png]]
+[[File:OAuth2ResourceOwnerPasswordCredentials.png|none|thumb|600x600px|/OAuth2ResourceOwnerPasswordCredentials.png|/OAuth2ResourceOwnerPasswordCredentials.png]]
 For interactive authorization this is the OAuth2 configuration. Authorize e-mail access one time and send a test mail to verify everything went well.
-[[File:OAuth2InteractiveAuthorization.png|none|thumb|600x600px|/OAuth2InteractiveAuthorization.png]]
+[[File:OAuth2InteractiveAuthorization.png|none|thumb|600x600px|/OAuth2InteractiveAuthorization.png|/OAuth2InteractiveAuthorization.png]]

Howto16r1:Configure OAuth2 E-Mail: Difference between revisions

Revision as of 12:26, 2 October 2025

Microsoft 365

Navigation menu

Search