Howto16r1:Configure OAuth2 E-Mail: Difference between revisions
No edit summary |
No edit summary |
||
| Line 4: | Line 4: | ||
== Microsoft 365 == | == Microsoft 365 == | ||
[[File:AzureMicrosoftEntraID.png|none|thumb|600x600px]] | |||
Log in to Microsoft Azure Portal (<nowiki>https://portal.azure.com</nowiki>) and go to Microsoft Entry ID | |||
Add a new app registration to create client credentials. | |||
[[File:AzureAddAppRegistration.png|none|thumb|600x600px|/AzureAddAppRegistration.png|/AzureAddAppRegistration.png]] | [[File:AzureAddAppRegistration.png|none|thumb|600x600px|/AzureAddAppRegistration.png|/AzureAddAppRegistration.png]] | ||
Register the application and maybe already fill in the redirect URI for Web based application type to path OAUTH2-CLIENT/auth.htm at the PBX. | Register the application and maybe already fill in the redirect URI for Web based application type to path OAUTH2-CLIENT/auth.htm at the PBX. | ||
| Line 29: | Line 31: | ||
Tell all redirect URIs that the PBX and the apps will be using during interactive authorization. | Tell all redirect URIs that the PBX and the apps will be using during interactive authorization. | ||
[[File:AzureRedirectUris.png|none|thumb|600x600px|/AzureRedirectUris.png|/AzureRedirectUris.png]] | [[File:AzureRedirectUris.png|none|thumb|600x600px|/AzureRedirectUris.png|/AzureRedirectUris.png]] | ||
Allow public client flows of OAuth2. | Allow public client flows of OAuth2. Resource Owner Password Credentials Flow has the advantage that it doesn't need interactive authorization. | ||
[[File:AzureAllowPublicClientFlows.png|none|thumb|600x600px|/AzureAllowPublicClientFlows.png|/AzureAllowPublicClientFlows.png]] | [[File:AzureAllowPublicClientFlows.png|none|thumb|600x600px|/AzureAllowPublicClientFlows.png|/AzureAllowPublicClientFlows.png]] | ||
Log in to the Microsoft 365 admin center (https://admin.cloud.microsoft). | |||
[[File:MS365AdminCenter.png|none|thumb|600x600px|/MS365AdminCenter.png|/MS365AdminCenter.png]] | [[File:MS365AdminCenter.png|none|thumb|600x600px|/MS365AdminCenter.png|/MS365AdminCenter.png]] | ||
16 | 16 | ||
Revision as of 22:35, 1 October 2025
|
FIXME: This product is in the beta phase and is not yet finished |
innovaphone PBX and apps can be configured to send E-Mails for various subjects and purposes. Major E-Mail providers intent to discontinue the username/password authentication schemes in favour of OAuth2. PBX and Apps version 16r1 does support OAuth2 authentication for SMTP. Here is a step by step guide how to set up OAuth2 support in Microsoft 365 through the Azure Portal.
Microsoft 365
Log in to Microsoft Azure Portal (https://portal.azure.com) and go to Microsoft Entry ID
Add a new app registration to create client credentials.
Register the application and maybe already fill in the redirect URI for Web based application type to path OAUTH2-CLIENT/auth.htm at the PBX.
App registration is complete. Client ID and tenant needs to be configured at the PBX and every app that will be sending e-mails.
Create a client secret.
Copy the client secret. It also needs to be configured at the PBX and every app that will be sending e-mails.
Add permissions located in APIs my organization uses.
More precisely located in Office 365 Exchange Online.
And there in the application permissions.
Namely SMTP Mail.Send.
Grant admin permission for Mail.Send.
API permissions are now granted.
Tell all redirect URIs that the PBX and the apps will be using during interactive authorization.
Allow public client flows of OAuth2. Resource Owner Password Credentials Flow has the advantage that it doesn't need interactive authorization.
Log in to the Microsoft 365 admin center (https://admin.cloud.microsoft).
16
17
18
19
20
21
22
23