Microsoft has officially announced that basic authentication will be deprecated as of October 1, 2022. After this date, it will no longer be possible to configure basic authentication for Exchange Online systems.
With the upcoming removal, it will be necessary to implement OAuth2 authentication.
Configuring OAuth2 authentication for an Office 365 account involves several steps and you will need administrative access to the Azure AD account associated with your Office 365 subscription.
Here is a simple explanation of the steps to follow:
- Register Ulyses Cloud as an application in Azure.
- Configure Permissions for the Application.
- Create a Client Secret.
- Obtain the Client Details.Implement the OAuth2 Flow in Ulyses Cloud.
1. Register ULYSES CLOUD as an application in Azure AD:
-Go to the Azure Portal and log in with your Microsoft account.
-Go to "App registrations".
-Click on "New registration".
-Provide a name for the application, choose the type of accounts that will be able to access it.
The redirect URL is not required to be entered.
2. Configure Permissions for the Application:
Once the application is registered, go to "API permissions" and add the necessary permissions to access Office 365 resources.
It is important, above all, to grant user and read permissions.
-
USERS AND GROUPS
It is necessary to grant access to the users who will be able to use the SMTP account (through the application registration).
- API PERMISSIONS
You must add all these permissions from the path shown on screen.
Note that there are application permissions and delegated permissions.
Once added, select the "Grant admin consent" option.
- 365 ADMIN CENTER
From the Microsoft 365 Admin Center, in the mailbox and user sections, make sure you have all these options enabled:
3. Create a Client Secret:
-In the application settings, go to "Certificates & secrets".
-Click on "New client secret", describe it and set a duration.
-Save the client secret value generated.
***The generated secret will only be visible the first time it is generated. It will not be visible again.
If it is lost, a new one will need to be generated.
Also keep in mind that it has an expiration date.
***In Ulyses Cloud you must enter the SECRET VALUE, not the secret id.
4. Obtain the Client Details:
-You will need the application (client) ID and the directory (tenant) ID, which you can find in the application settings in Azure AD.
5. Implement the OAuth2 Flow in Ulyses Cloud and use the credentials obtained (client ID, client secret, directory ID).
From Property Settings > email > SMTP accounts
You must enable the Microsoft OAUTH option and enter the requested information.
Application (client) Id = Microsoft graph client Id
Client secret/client credentials = Microsoft graph client secret Id
Directory (tenant) Id = Microsoft graph tenant Id
Then complete the smtp account information as usual:
And the process will be complete.