| At line 1 removed one line |
| Google Mail requires OAUTH2 for authentication (for more information : [https://developers.google.com/gmail/imap/imap-smtp]).\\ |
| At line 3 changed 3 lines |
| It requires several steps to configure.\\ |
| You will start at Google API's and Service:\\ |
| [https://console.developers.google.com/projectselector/apis/credentials]\\ |
| !1. Google Mail OAuth 2.0\\ |
| __Google Mail__ through __SMTP__/__IMAP__ requires __OAuth 2.0__ ([OAuth Wikipedia Link|https://en.wikipedia.org/wiki/OAuth]) for authentication. This is part of Google’s effort to enhance security by deprecating less secure app access (basic authentication using just a username and password). OAuth 2.0 offers a more secure, token-based system that supports modern features like multi-factor authentication, granular permission scopes, and token expiration for better protection against credential theft. For technical implementation details, see Google’s documentation here : [Google IMAP-SMTP Link|https://developers.google.com/gmail/imap/imap-smtp].\\ |
| At line 7 changed one line |
| Setup Oauth Consent (if was not yet created), make an internal one: \\ |
| ---- |
| __⚠️ Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains for Google Mail Authentication: __oauth2.googleapis.com__\\ |
| ---- |
| At line 9 changed one line |
| [attachments|create_consent.png]\\ |
| Start by navigating to Google APIs & Services: [Google APIs & Services Link|https://console.developers.google.com/projectselector/apis/credentials]\\ |
| __⚠️ Note:__ Ensure sure the __GMAIL API__ is enabled at __Enabled APIs & services__. [Google API Library Link|https://console.cloud.google.com/apis/library]\\ |
| At line 11 changed one line |
| Set the support emails, the application domain and save it. |
| [SMTP Google Mail Integration/g_api_services.png]\\ |
| At line 13 changed 2 lines |
| [attachments|consent_settings_1.png]\\ |
| [attachments|consent_settings_2.png]\\ |
| [SMTP Google Mail Integration/gmail_api_enabled.png]\\ |
| At line 16 changed 2 lines |
| Go to the Credentials menu and create new credentials, choose OAuth client ID: |
| [attachments|create_credentials.png]\\ |
| Go to the __Credentials__ menu, click on __Create Credentials__, and select __OAuth client ID__:\\ |
| At line 19 changed one line |
| Choose Web application: |
| [SMTP Google Mail Integration/create_credentials.png]\\ |
| At line 20 added 12 lines |
| Select the application type: __Web application__. Provide a unique name. Then, configure the __Authorized redirect URI__—this is where Google will redirect you after authorization.\\ |
| The Redirect URL must end with __?command=register_google_mail_api__.\\ |
| \\ |
| {{{ |
|
| http://127.0.0.1:9090/?command=register_google_mail_api |
| or |
| https://your.crushftp.domain.com/?command=register_google_mail_api |
| }}}\\ |
| \\ |
| Finally, click the __Create__ button.\\ |
| \\ |
| At line 23 changed one line |
| It is required to set up the Authorized Redirect URIs. You can domain (where your CrushFTP is available), or localhost. The URI needs to end with:\\ |
| After the credentials are created, copy the __Client ID__ and __Client Secret__.\\ |
| \\ |
| [SMTP Google Mail Integration/client_id_secret.png]\\ |
| \\ |
| __⚠️ Note:__ You can configure the __OAuth consent screen__ by clicking the link above the __Authorized JavaScript origins__ section:\\ |
| "The domains you enter in the fields below will be automatically added to your __OAuth consent screen__ as __authorized domains__."\\ |
| Click the link to open the __OAuth consent screen__ settings, complete the configuration, and authorize your __CrushFTP domain.__\\ |
| ---- |
| !2. SMTP Settings\\ |
| \\ |
| Navigate to __Server Admin__ -> __Preferences__ -> [General Settings] -> __SMTP Settings__:\\ |
| \\ |
| [SMTP Google Mail Integration/smtp_config.png]\\ |
| \\ |
| __SMTP Server Used for Emailing__: Enter the SMTP server address used for sending emails, such as __smtp.gmail.com__, using the default port __587__.\\ |
| At line 25 changed one line |
| ?command=register_google_mail_api |
| smtp.gmail.com:587 |
| At line 28 changed one line |
| After Credentials are created copy the Client ID and Secret.\\ |
| __SMTP Server Username, Password__: If the SMTP server address ends with __gmail.com__, the corresponding __Get Refresh Token__ button will appear. Click that button to proceed.\\ |
| __!!! Note__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Google APIs & Services__-> __Credentials__ -> __OAuth 2.0 Client IDs__. In our example, it was: http://127.0.0.1:9090 or https://your.crushftp.domain.com/\\ |
| At line 30 changed 3 lines |
| Now if your credentials are setup, and your redirect domains are configured, you can use the credentials in CrushFTP to get your google auth token and get access.\\ |
| In the Preferences -> General Settings -> SMTP Settings, at "SMTP Server Username :" input field put the client_id and secret separated with tilda. |
| Take your google client_id and secret and combine them together with a tilda as separator:\\ |
| Enter the __Client ID__ , __Client Secret__. Proceed with the authentication and authorization process. __!!! Note__: Be sure to sign in with the __Google Account__ that has the __necessary permissions__, as configured in the __Google APIs & Services__-> __Credentials__ -> __OAuth 2.0 Client IDs__. This will automatically configure the __SMTP Server Username__ and __SMTP Server Password__.\\ |
| \\ |
| [SMTP Google Mail Integration/oauth_form.png]\\ |
| \\ |
| If the domain is unverified, a warning message may appear. Click __Advanced__ and choose to proceed:\\ |
| \\ |
| [SMTP Google Mail Integration/not_verified_domain.png]\\ |
| \\ |
| Click on the __Allow__ button:\\ |
| \\ |
| [SMTP Google Mail Integration/allow_form.png]\\ |
| \\ |
| __From email address__: You must also specify the __From__ email address. __!!! Imnportant__ The __From__ address must exactly match __the signed-in Google user’s email address__ (i.e., the account used to obtain the refresh token). Otherwise, SMTP authentication will fail.\\ |
| \\ |
| Make sure to enable the __SSL/TLS__ flag to ensure a secure connection.\\ |
| \\ |
| ---- |
| !3. PopImapTask\\ |
| \\ |
| Select the __IMAPS__ protocol.\\ |
| See the description: [Google IMAP-SMTP Link|https://developers.google.com/gmail/imap/imap-smtp]\\ |
| \\ |
| [SMTP Google Mail Integration/pop_imap_task.png]\\ |
| \\ |
| __Host:__\\ |
| At line 34 changed 2 lines |
| client_id: 725111111110-7kaimtXXXXXXXXXXXXXXXXXXXXX64m4k.apps.googleusercontent.com |
| secret: fEsXXXXXXXXXXXXXXXXPggg7 |
| imap.gmail.com |
| At line 37 changed 4 lines |
| results in: |
| {{{ |
| 725111111110-7kaimtXXXXXXXXXXXXXXXXXXXXX64m4k.apps.googleusercontent.com~fEsXXXXXXXXXXXXXXXXPggg7 |
| }}}\\ |
| __Port__: __993__\\ |
| If the __Host__ contains __gmail.com__, the corresponding __Get Refresh Token__ button will appear.\\ |
| Configure the __1. Google Mail OAuth 2.0__ [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SMTP%20Google%20Mail%20Integration#section-SMTP+Google+Mail+Integration-1.GoogleMailOAuth2.0]\\ |
| At line 42 changed one line |
| That whole long string becomes your smtp user name. Copy and paste it into the "SMTP Server Username :" input field. Then click "Get mail refresh token" to get the "SMTP Server Password".\\ |
| __⚠️ Note__: To obtain the Refresh Token, the CrushFTP WebInterface’s host and port must match the Redirect URL specified in the __Google APIs & Services__-> __Credentials__ -> __OAuth 2.0 Client IDs__. In our example, it was: http://127.0.0.1:9090 or https://your.crushftp.domain.com/\\ |
| At line 44 changed 2 lines |
| If your domain is not verified you will get a warning message:\\ |
| [attachments|not_verified_domain.png]\\ |
| Enter the __Client ID__ , __Client Secret__. Proceed with the authentication and authorization process. __!!! Note__: Be sure to sign in with the __Google Account__ that has the __necessary permissions__, as configured in the __Google APIs & Services__-> __Credentials__ -> __OAuth 2.0 Client IDs__. This will automatically configure the PopImapTask's __Mail Username__ and __Mail Password__.\\ |
| At line 47 changed one line |
| Once it is finished the "SMTP Server Password" input field will be filled with the refresh token.\\ |
| [SMTP Google Mail Integration/oauth_form.png]\\ |
| At line 49 changed one line |
| "From email address :" is also required. Put your google email address there. It will be used as smtp username for the authentication process.\\ |
| If the domain is unverified, a warning message may appear. Click __Advanced__ and choose to proceed:\\ |
| At line 51 changed one line |
| [attachments|smtp_config.png]\\ |
| [SMTP Google Mail Integration/not_verified_domain.png]\\ |
| At line 98 added 14 lines |
| Click on the __Allow__ button:\\ |
| \\ |
| [SMTP Google Mail Integration/allow_form.png]\\ |
| \\ |
| __⚠️ Note:__ Since the email address is required after obtaining the refresh token, the Mail Username field must be adjusted.\\ |
| Enter your email address followed by a tilde (~) at the beginning of the Mail Username field.\\ |
| \\ |
| {{{ |
| Mail Username : <<your email address>>~<<what was before>> |
| }}} |
| \\ |
| For more information, see the general POP/IMAP Task description: [POP/IMAP Task – CrushFTP Documentation Link| https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CrushTask#section-CrushTask-POP3IMAP]\\ |
| \\ |
|
