| At line 1 removed one line |
| About OAUTH2 for authentication: [Microsoft OAuth 2.0 : Get access on behalf of a user Link|https://docs.microsoft.com/en-us/graph/auth-v2-user]\\ |
| At line 3 changed 2 lines |
| __!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication:\\ |
| • login.microsoftonline.com\\ |
| !1. Microsoft Mail via OAuth 2.0 \\ |
| Traditionally, __SMTP__/__IMAP__ authentication with Microsoft services (like Outlook or Microsoft 365) used username and password. However, Microsoft now strongly recommends (and in many cases enforces) the use of __OAuth 2.0__ for authentication, especially for enhanced security and compliance.\\ |
| At line 6 changed one line |
| !!!Microsoft Graph Application Registration\\ |
| About OAuth 2.0 ([OAuth Wikipedia Link|https://en.wikipedia.org/wiki/OAuth]) for authentication: [Microsoft OAuth 2.0 : Get access on behalf of a user Link|https://docs.microsoft.com/en-us/graph/auth-v2-user]\\ |
| At line 7 added 2 lines |
| __!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication:\\ |
| • login.microsoftonline.com\\ |
| At line 15 changed one line |
| The Redirect URL must end with __"register_microsoft_graph_api/"__.\\ |
| The Redirect URL must end with __register_microsoft_graph_api/__.\\ |
| At line 49 changed one line |
| !!!SMTP settings\\ |
| ---- |
| !2. SMTP settings\\ |
| Navigate to __Server Admin__ -> __Preferences__ -> [General Settings] -> __SMTP Settings__:\\ |
| At line 51 changed one line |
| Enter the SMTP server address used for sending emails, such as smtp.office365.com, using the default port 587.\\ |
| __SMTP Server Used for Emailing__: Enter the SMTP server address used for sending emails, such as __smtp.office365.com__, using the default port __587__.\\ |
| At line 53 changed 5 lines |
| smtp.gmail.com:587 |
| }}} |
| Click on the "Get Refresh Token" button.\\ |
| __In order to get the Refresh token, CrushFTP WebInterface's host and port number must match with the redirect URL specified at Azure Application Registration.__\\ |
| Provide the Client Id and Secret (from Azure App Registration) and "common" for the tenant input field.\\ |
| smtp.office365.com:587 |
| }}}\\ |
| At line 59 added 5 lines |
| __SMTP Server Username, Password__: If the SMTP server address contains __office365__ or __outlook__, the corresponding __Get Refresh Token__ button will appear. Click that button to proceed.\\ |
| __!!! Note__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Azure App Registration__. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
| \\ |
| Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID, and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID). Proceed with the authentication and authorization process. This will automatically configure the __SMTP Server Username__ and __SMTP Server Password__.\\ |
| \\ |
| At line 61 changed 3 lines |
| Click on the OK button, and allow CrushFTP to have access to send email. __Make sure you sign in with the Microsoft Account which has permission to send emails (Configured on Azure's App Registration)!!!__ (SMTP.send is user-specific permission) As the end of the result, the SMTP Username and Password will fill the Client ID and the Refresh Token.\\ |
| It is required to provide the email from the address too. __!!!The Email From address must match the signed-in Microsoft user's email address (the Microsoft Account used to gain the refresh token) otherwise, the SMTP authentication will fail.__\\ |
| \\ |
| Click the __OK__ button, sign in with your Azure credentials, and grant access to CrushFTP.\\ |
| __!!! Note__: Be sure to sign in with the __Microsoft Account__ that has the __necessary permissions__, as configured in the Azure App Registration mentioned above.\\ |
| Once completed, the __SMTP Server Username__ and the __SMTP Server Password__ fields will be automatically populated with the Client ID and Refresh Token, respectively.\\ |
| \\ |
| __From email address__: You must also specify the __From__ email address. __!!! Important__ The __From__ address must exactly match __the signed-in Microsoft user’s email address__ (i.e., the account used to obtain the refresh token). Otherwise, SMTP authentication will fail.\\ |
| \\ |
| Make sure to enable the __SSL/TLS__ flag to ensure a secure connection. |
| \\ |
| At line 66 changed one line |
| !!!PopImapTask |
| ---- |
| !3. PopImapTask\\ |
| At line 68 changed 5 lines |
| Make sure the IMAP protocol is enabled for the user. See the description: [https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/pop3-and-imap4/enable-or-disable-pop3-or-imap4-access].\\ __Office 365__:Navigate to the Microsoft 365 Admin Center. [https://admin.microsoft.com/Adminportal/Home?#/homepage]. Select the user and enable the IMAP protocol at "Manage email apps".\\ |
| Provide the host and click on the Get Refresh Token button.\\ |
| __In order to get the Refresh token, CrushFTP WebInterface's host and port number must match with the redirect URL specified at Azure Application Registration.__\\ |
| Because the email address is essential after you got the refresh token, the Mail Username input field needs to be modified.\\ |
| Put your email address ended with a tilde(~) at the beginning of the Mail Username input field.\\ |
| Select the __IMAPS__ protocol.\\ |
| Ensure that the IMAP protocol is enabled for the user. See the description: [Managing email apps for user mailboxes Link|https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/pop3-and-imap4/enable-or-disable-pop3-or-imap4-access].\\ __Office 365__:Navigate to the Microsoft 365 Admin Center. [Link|https://admin.microsoft.com/Adminportal/Home?#/homepage]. Select the user and enable the IMAP protocol at __Manage email apps__.\\ |
| At line 82 added one line |
| __Host:__\\ |
| At line 84 added 14 lines |
| outlook.office365.com |
| }}} |
| __Port__: __993__\\ |
| If the __Host__ contains __office365__ or __outlook__, the corresponding __Get Refresh Token__ button will appear.\\ |
| Configure the __App registration__. See at [Microsoft Mail via OAuth 2.0|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SMTP%20Microsoft%20Graph%20XOAUTH%202%20Integration#section-SMTP+Microsoft+Graph+XOAUTH+2+Integration-1.MicrosoftMailViaOAuth2.0]\\ |
| __!!! Note__: To obtain the Refresh Token, the CrushFTP WebInterface’s host and port must match the Redirect URL specified in the Azure App Registration. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
| \\ |
| Click on __Get Refresh Token__ button. Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID, and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID). Proceed with the authentication and authorization process. |
| \\ |
| __!!! Note__: Be sure to sign in with the __Microsoft Account__ that has the __necessary permissions__, as configured in the Azure App Registration mentioned above.\\ |
| Since the email address is required after obtaining the refresh token, the Mail Username field must be adjusted.\\ |
| Enter your email address followed by a tilde (~) at the beginning of the Mail Username field.\\ |
| \\ |
| {{{ |
| At line 103 added 2 lines |
| For more information, see the general POP/IMAP Task description: [POP/IMAP Task – CrushFTP Documentation Link| https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CrushTask#section-CrushTask-POP3IMAP]\\ |
| \\ |
