Skip to Content (Press Enter)
2020-09-11 18-53-44
Stacey Levine
157Views
9Comments
How to configure email NOT using Basic Auth
Question
Email
Reactive
Traditional Web
Service
Application Type
Traditional Web, Reactive, Service
Service Studio Version
11.54.77 (Build 63584)
Platform Version
11.25.0 (Build 41684)

Both Microsoft and Google have stopped allowing basic authentication. How can we configure the OS Platform to send emails using the new requirements. For reference, here is the MS note:  https://support.microsoft.com/en-us/office/modern-authentication-methods-now-needed-to-continue-syncing-outlook-email-in-non-microsoft-email-apps-c5d65390-9676-4763-b41f-d7986499a90d

0
0
02 Oct 2024
Copy Link
2024-09-17 12-24-07
Rammurthy Naidu Boddu
Champion
AI Generated

Hi @Stacey Levine

Using oAuth2 we can do it. 

1. Configuring Office 365 (Microsoft Exchange) with OAuth2

Step 1: Register Your Application in Azure Active Directory (Azure AD)

  1. Go to Azure Portal and log in.
  2. Navigate to Azure Active Directory > App registrations.
  3. Click on New registration:
    • Give your app a name (e.g., OutSystems Email).
    • Select Accounts in this organizational directory only if you are working within your organization.
    • Set the redirect URI (you can update this later if required).
  4. After registering, note down the Application (Client) ID and Directory (Tenant) ID.

Step 2: Add API Permissions

  1. Navigate to API Permissions in the left-hand menu.
  2. Click Add a permission > Microsoft Graph > Delegated permissions.
  3. Search for and add the following permissions:
    • Mail.Send
    • Mail.ReadWrite
    • offline_access (optional, for refresh tokens).
  4. Grant admin consent for your application to make sure these permissions are applied.

Step 3: Create a Client Secret

  1. Go to Certificates & secrets.
  2. Click New client secret, and give it a description (e.g., OutSystems Email Secret).
  3. Set the expiration period and click Add.
  4. Copy and save the Client Secret, as it will be used in OutSystems.

Step 4: Acquire OAuth2 Token Programmatically in OutSystems

  1. Implement the OAuth2 flow in OutSystems to acquire the Access Token using the Authorization Code grant type.

    • You can use the HTTP Request component in OutSystems to call Azure’s token endpoint and get an OAuth2 token.
    • The URL for token acquisition is:
      • bashCopy codehttps://login.microsoftonline.com/{tenant}/oauth2/v2.0/token

    Where {tenant} is your Azure AD tenant ID.

  2. You’ll need to send the following parameters in the request body:

    • client_id: Your Azure AD App’s Client ID.
    • client_secret: The secret you created.
    • scope: https://graph.microsoft.com/.default.
    • grant_type: client_credentials.
    • resource: https://graph.microsoft.com/.

Step 5: Configure SMTP in OutSystems

Once you have the OAuth2 token, configure OutSystems email sending using the following details:

  • SMTP Server: smtp.office365.com
  • Port: 587 (for TLS) or 465 (for SSL)
  • Authentication Type: OAuth2
  • Token: Use the OAuth2 token acquired.

2. Configuring Gmail with OAuth2

Step 1: Create a Google Cloud Project

  1. Go to Google Cloud Console.
  2. Create a new project (or select an existing one).
  3. Navigate to APIs & Services > Credentials.
  4. Click Create Credentials > OAuth 2.0 Client IDs.
  5. Set the application type to Web application and configure the redirect URIs if needed.

Step 2: Enable Gmail API

  1. In the Google Cloud Console, navigate to Library.
  2. Search for and enable the Gmail API.

Step 3: Generate OAuth2 Credentials

  1. After enabling the API, go to Credentials > Create Credentials > OAuth2 Client ID.
  2. Set up your OAuth2 credentials (you will get a Client ID and Client Secret).
  3. Make sure the OAuth consent screen is set up correctly.

Step 4: OAuth2 Flow in OutSystems

  1. Use OutSystems to call Google’s OAuth2 token endpoint:

    bashCopy codehttps://oauth2.googleapis.com/token

    The request body should include:

    • client_id: Your Google app’s Client ID.
    • client_secret: The secret you created.
    • grant_type: authorization_code.
    • code: The authorization code received after user authentication.
    • redirect_uri: The URI registered in Google Cloud Console.

  2. Handle the token acquisition and use the Access Token for subsequent requests.

Step 5: Configure SMTP in OutSystems

Once you acquire the OAuth2 token, configure the SMTP settings in OutSystems:

  • SMTP Server: smtp.gmail.com
  • Port: 587 (TLS) or 465 (SSL)
  • Authentication Type: OAuth2
  • Token: Use the OAuth2 token acquired.
0
0
04 Oct 2024
Copy Link
This answer was AI-generated. Please read it carefully and use the forums for clarifications
2020-09-11 18-53-44
Stacey Levine

Unfortunately, there is no token authentication option:

0
0
04 Oct 2024
Copy Link
UserImage.jpg
Krishanu Deb Roy

Hi Rammurthy,

Thank you for explaining the steps in detail for oAuth2 authentication.

We've configured oAuth2 in Service Center and it does generate a token when tested. Where to use this token while sending emails in Step 5, if you could explain please.


0
0
24 Apr 2025
Copy Link
2022-09-05 11-03-57
Sérgio Miranda
Staff

Hello Stacey,
The link you provided seems to be related to the end of support for Basic Authentication in Microsoft Outlook, the email client.
I think this one about deprecating Basic Authentication support in Exchange Online would be relevant for those using Microsoft365 SMTP services and they suggest an alternative.
https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-online-to-retire-basic-auth-for-client-submission-smtp/ba-p/4114750

0
0
04 Oct 2024
Copy Link
2020-09-11 18-53-44
Stacey Levine

For this use case, we have been using the free outlook.com email accounts. With those accounts, I can't find a way to do what the links you have provided suggest. Those all appear to be for paid email accounts only.

0
0
04 Oct 2024
Copy Link
2022-09-05 11-03-57
Sérgio Miranda
Staff

Replying to Stacey Levine's comment on 04 Oct 2024 19:56:41


You are right and I wrongly assumed that that the only Microsoft option would be Microsoft36.
If you are looking to keep it free and you have very low usage there are some email services with free plans that allow SMTP relay, with limits on the daily sending.

0
0
08 Oct 2024
Copy Link
UserImage.jpg
Alexandre Yip

Hi Stacey, 

You need to use the Microsoft Graph api to send the emails and disable the built in email sent on service center servers tab

Check out here the how to start 

https://itnext.io/getting-started-with-outsystems-and-microsoft-graph-123006356d41

Regards 

0
0
05 Oct 2024
Copy Link
2020-09-11 18-53-44
Stacey Levine

Part of the reason for this post is that I should be able to use the built in functions. I was trying to avoid going the route of creating my own email function. I can, but that means that this feature is no longer useful

0
0
08 Oct 2024
Copy Link
2023-10-05 11-52-37
benferreira

Hello Stacey.

Even though that Microsoft removed the possibility to do basic authentication, luckily, google is still allowing authentication with app passwords. And as far as I saw, there are no plans to remove this auth method. Please refer to: https://support.google.com/a/answer/14114704?hl=en

Nevertheless I would expect that in the future google will also stop allowing it.
Let's hope that this gives enough time to Outsystems to allow built-in authentication with OAuth :) . It would be very handy to say the least ;)

Best regards,

Ben

0
0
05 Dec 2024
Copy Link
Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.