Genesys Cloud - Main

 View Only

Discussion Thread View
Back to discussions
Expand all | Collapse all

SMTP Oauth2.0 set up

  • 1.  SMTP Oauth2.0 set up

    Posted 05-31-2023 11:52

    Hi everyone,

    I'm trying to get SMTP  integration set up with with Ouath2.0 connecting to a mailbox we have in o365.

    Has anyone got this to work? I can't seem to find any instructions online, I've configured the App registration in azure and plugged the id's into the smtp integration but would like to verify if i've done it correct as its still failing.


    #Integrations

    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------


  • 2.  RE: SMTP Oauth2.0 set up

    Posted 06-01-2023 02:09

    Hello Harpal

    we raised the question to Genesys in March 2023 and, at that time, feature was in Beta evaluation.

    It might not be GA yet.

    Marc



    ------------------------------
    Marc Gaspard
    NTT Belgium NV/SA
    ------------------------------

    Original Message


  • 3.  RE: SMTP Oauth2.0 set up

    Posted 06-05-2023 12:19
    Edited by Tatjana Knezevic 06-05-2023 23:57

    Hi @Harpal Dhillon ,

    We have the same problem. Our SMPT host is smtp.office365.com. 

    Also, we configured the application registration in Azure and got the error. We opened the case with Customer Care, but there is no help. 

    Were you able to configure this integration meanwhile? 

    @Marc Gaspard

    Yes, this feature was released in the release on April 26th (https://help.mypurecloud.com/releasenote/april-26-2023/). 



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 4.  RE: SMTP Oauth2.0 set up

    Posted 06-06-2023 04:11

    Afraid not, i can get it working in Basic Auth however Oauth keeps failing.

    I too tried smtp.office365.com and other settings i found in a genesys i found in the below Genesys Engage doc thinking it would be similar:

    Setting up Microsoft Azure mailboxes for OAuth 2.0 authorization (genesys.com)

    I too logged a ticket with support but its not got anywhere so far.



    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------

    Original Message


  • 5.  RE: SMTP Oauth2.0 set up

    Posted 06-06-2023 10:21

    @Harpal Dhillon 

    Thank you for your response. We don't have any progress to report OAuth2 SMTP integration. Still not able to configure it. Yeah, we found also the same Engage document. 

    @Guru Prasad Saw your post on the community here when the feature was released. Do you have any recommendations to share? 

    Thanks,



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 6.  RE: SMTP Oauth2.0 set up

    Posted 06-06-2023 10:44

    @Harpal Dhillon 

    No progress to report, still experiencing the error with SMTP OAuth2. 

    Here are the settings for SMTP OAuth2 integration (I'll use the placeholders for sensitive data):
    Client ID*: {clientId}
    Client Secret*: {clientSecret}
    Access token endpoint*: https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token
    Username: {username}
    Password: {password}
    Scopes: https://outlook.office365.com/.default

    SMTP Host: smtp.office365.com
    SMTP Port: 587
    StartTLS: True



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 7.  RE: SMTP Oauth2.0 set up

    Posted 06-06-2023 10:54

    yes your settings look identical to mine, but still fail.



    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------

    Original Message


  • 8.  RE: SMTP Oauth2.0 set up

    Posted 06-09-2023 15:16

    Hi @Harpal Dhillon

    Any progress with your SMTP OAuth2 configuration?

    Customer Care didn't provide any guidance or documents, rather they were directing us to go to Microsoft. After numerous attempts, we were able to finally get this Integration to work :-) 



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 9.  RE: SMTP Oauth2.0 set up

    Posted 06-13-2023 04:24

    We've got the same issue where genesys support keep referring us to Microsoft. Could you share how you got it working please?



    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------

    Original Message


  • 10.  RE: SMTP Oauth2.0 set up

    Posted 06-13-2023 15:32

    Hi @Harpal Dhillon ,

    These are the settings we use for our SMTP OAuth2 Integration to work. 

    1. Create a new application in Azure AD. I strongly recommend starting from scratch instead of modifying the existing application.
    2. After registering the application take the values for * Application (client) ID, and * Directory (tenant) ID as you will use them later on in Genesys 
    3. Continue with the application registration and when you get to the step: Application permissions, configure the permissions as per the screenshot below.

    NOTEs about User: The user should have Microsoft 365 Standard license and MUST have "Authenticated SMTP" enabled (please note, this is disabled by default). 

    Genesys configuration settings (redacted) are shared in one of the previous posts. Can you please give it a try?  



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 11.  RE: SMTP Oauth2.0 set up

    Posted 06-14-2023 07:04

    amazing its now working for us too!

    i did have an additional hurdle of conditional access policy to bypass but outbound emails are now successful.

    one strange this is we still have a warning error under integrations -> the custom smtp integration but its working fine. I guess this can be ignored.

    thanks so much for your assistance @Tatjana Knezevic 



    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------

    Original Message


  • 12.  RE: SMTP Oauth2.0 set up

    Posted 06-14-2023 09:29

    Hi @Harpal Dhillon ,

    Any time :-) Glad to hear it worked! 

    About the warning: not sure why you are getting it as there shouldn't be any. We don't have any warning under Integrations and we successfully configured it under the Email Custom domain (see below). 

    Please open the Developer tools and then perform De-activate/Activate the Integration and check the responses.  



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 13.  RE: SMTP Oauth2.0 set up

    Posted 08-10-2023 09:26

    @Tatjana Knezevic , Hello Regarding the Configuration Above using microsoft Azure API  , We have created from Azure side and added the in tegration into Genesys when Activate the integration we are getting the following error , No SMTP host configured for this integration Id ,

    Any idea why it is happening what the value of  SMTP Host and port in casde of using Graph API 



    ------------------------------
    ahmed Faheem
    Miratech, Inc
    ------------------------------

    Original Message


  • 14.  RE: SMTP Oauth2.0 set up

    Posted 08-10-2023 09:33

    I tried the configuration above 

    When activating the integration withing Genesys , am getting the following error 

    No SMTP Server configured for this integration.

    Please advise what could be a problem 



    ------------------------------
    ahmed Faheem
    Miratech, Inc
    ------------------------------

    Original Message


  • 15.  RE: SMTP Oauth2.0 set up

    Posted 08-25-2023 00:02

    Hi Ahmed Faheem 

    were you able to get pass this error ? i am also seeing the same error message and dont know what to do next 

    Regards

    Halesha sn



    ------------------------------
    Halesha Nagarajappa
    Accenture Solutions Private Limited
    ------------------------------

    Original Message


  • 16.  RE: SMTP Oauth2.0 set up

    Posted 09-12-2023 11:38

    @Tatjana Knezevic I was hoping you might be able to point me in the right direction. I have followed your steps above along with these settings but I'm getting an "invalid_grant" error in Genesys Cloud when I try to activate the smtp integration with OAuth 2 enabled.

    Settings:

    Here are the settings for SMTP OAuth2 integration (I'll use the placeholders for sensitive data):
    Client ID*: {clientId}
    Client Secret*: {clientSecret}
    Access token endpoint*: https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token
    Username: {username}
    Password: {password}
    Scopes: https://outlook.office365.com/.default

    SMTP Host: smtp.office365.com
    SMTP Port: 587
    StartTLS: True



    ------------------------------
    Scott Smith
    CCS Medical
    ------------------------------

    Original Message


  • 17.  RE: SMTP Oauth2.0 set up

    Posted 09-12-2023 15:10

    Hi @Scott Smith

    It looks like something is not right with the configuration for the OAuth application. Please check the logs in Azure Portal. 

    In case Azure Portal not being able to display the error code or if Sign-In Logs show successful sign-in, but the application is still unable to complete the authentication process, please find the next curl command, as it would return the error code from the Microsoft Exchange online.


    curl --location 'https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --data-urlencode 'client_id={client_id}' \
    --data-urlencode 'scope=SMTP.Send profile openid email' \
    --data-urlencode 'client_secret={client_secret}' \
    --data-urlencode 'grant_type=password' \
    --data-urlencode 'username={username}' \
    --data-urlencode 'password={password}'
     

    If successful, you will get an answer similar to this one:

    {"token_type":"Bearer",
    "scope":"IMAP.AccessAsUser.All Mail.Send SMTP.Send User.Read profile openid email",
    "expires_in":4118,
    "ext_expires_in":4118,
    "access_token":"***************",
    "id_token":"*****************"}
     

    In case of an error, you might get an answer with the error code:

    {"error":"invalid_grant",
    "error_description":"AADSTS65001: The user or administrator has not consented to use the application with ID '*****************' named 'GenesysOAuth2'. Send an interactive authorization request for this user and resource.\r\n
    Trace ID: ********\r\n
    Correlation ID: ********************\r\nTimestamp: 2023-06-03 21:08:47Z",
    "error_codes":[65001],
    "timestamp":"2023-06-03 21:08:47Z",
    "trace_id":"************",
    "correlation_id":"**************",
    "suberror":"consent_required"}

    Hope this helps. 



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 18.  RE: SMTP Oauth2.0 set up

    Posted 11-12-2024 11:28

    Dear @Tatjana Knezevic,

    Hope you're doing well.
    We're struggling since weeks to have this Integration up&running.
    In the current Integration we are using email forwarding for inbound email and Custom SMTP Integration for Outbound email.
     
    There are several questions that I hope you could help me to answer. Here they are:
     
    Integration:
    1. Is the current Integration applicable with the guideline shared in this post?
     
    Azure AD:
    1. For the Application Permissions shown in one of your post, do we have to grant those listed in the "Office 365 Exchange Online" part or also those in the "Microsoft Graph" Section?
     
    Genesys Cloud:
    1. What Kind of "Credential Type" are you using in your Customer SMTP Application? Basic, ROPC or Credential Flow?
    2. What value should be entered in the username parameter? The user or the mailbox itself?
     
    Having your support would we very helpful because at the moment we were able only to activate and test the integration but not to reply to an inbound email successfully. 
     
    Many thanks and Kind regards,


    ------------------------------
    Fabrizio Tortis
    Swisscom (Schweiz) AG - Technical Lead CIM
    ------------------------------

    Original Message


  • 19.  RE: SMTP Oauth2.0 set up

    Posted 11-13-2024 17:14
      |   view attached

    Hi @Fabrizio Tortis,

    The documentation on this thread may need to be updated. We have successfully configured in the last couple of months SMTP integration using Client Credential Flow and would recommend doing the same with your integration.

    Here is the latest document we created, which provides all the details and steps to take in Azure AD and Genesys Cloud.  

    I hope this document will help you to (finally) resolve the issues with the SMTP integration. Please keep me posted on the progress.

    Thanks,



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 20.  RE: SMTP Oauth2.0 set up

    Posted 11-14-2024 13:27

    Hi Tatjana,
    Many thanks for your answer and the latest version of the documentation. We have the following specilities in our integrations:

    We adopt redirect message for the inbound email (https://help.mypurecloud.com/articles/register-domain-redirect-inbound-messages/) and Custom SMTP integration only for outbound/reply email.

    On Microsoft side we're using a Service Account.

    Questions: Did you manage to have this integration working with the same specialities mentioned above?

    In addition we had a look at the latest version of your documentation and we recreated both applications on MS and Genesys side following step-by-step what is mentioned on it. Now we did a step back since I'm receiving an error activating

    the Customer SMTP integration. Before at least this part was working.

    in the Sign-in logs on MS Azure we can't see any requests arriving from Genesys.

     

    Here are the parameters I'm using in the Integration:

    Do you know what could be the problem behind this error received when activating the Integration?

    Many thanks and Kind regards,

    Fabrizio



    ------------------------------
    Fabrizio Tortis
    Swisscom (Schweiz) AG - Technical Lead CIM
    ------------------------------

    Original Message


  • 21.  RE: SMTP Oauth2.0 set up
    Best Answer

    Posted 11-18-2024 16:48

    Hi @Fabrizio Tortis,

    Oh, sorry to hear that. The parameters you shared look fine (assuming the values correspond to what is configured in Azure AD, and Microsoft 365 (as per documentation shared). 

    I can confirm that we successfully installed 4 SMTP integrations using the same procedure from this document Can you please run this curl command? Just so you know, I left the placeholders  (bolded) for you to enter the data for your current integration. 

    curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'client_id={clientId}&scope=https://graph.microsoft.com/.default&client_secret={clientSecret}&grant_type=client_credentials' 'https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token

    When run, this command should return either the token (if everything is configured as expected) or the error. In case of an error, please refer to learn.microsoft.com and provide the error code or error details in the search field

    Please keep me posted on progress.



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 22.  RE: SMTP Oauth2.0 set up

    Posted 11-26-2024 05:49
      |   view attached

    Hi @Tatjana Knezevic many thanks for your answer. I was able to fix this issue. There was a Conditional Access Policy rule configured on Azure which was blocking Genesys in getting the token. 

    Now the integration on Genesys is correctly active but infortunately I'm still not able to reply or send out and outbound email. On Genesys I'm receiving the following error: "Unable to authenticate with the specified integration."

    I've opened a case to Genesys Support and it seems that Genesys is receiving back the following error "Caught SMTPSendFailedException (Return Code 430) while sending email (size estimated 711 bytes) using SMTP server" from Exchange. You could find the complete log snippet provided by Genesys Support in attach for more details.

    First question to you: Did you ever faced this issue during your integrations?

    In addition I've discovered that this Customer is using Exchange Server hybrid deployments which is a combination between an on-premises Exchange organization and Exchange Online (link: https://learn.microsoft.com/en-us/exchange/exchange-hybrid)

    Second question to you: Have you integrated with this type of deployment? 

    I look forward to your kindly reply.

    Many thanks and Best regards,

    Fabrizio



    ------------------------------
    Fabrizio Tortis
    Swisscom (Schweiz) AG - Technical Lead CIM
    ------------------------------

    Original Message


  • 23.  RE: SMTP Oauth2.0 set up

    Posted 12-03-2024 22:11

    Hi @Fabrizio Tortis,

    I'm sorry for not getting back to you sooner. Unfortunately, I don't have experience with either of your questions. 

    I hope the log you shared here will help the Microsoft/Exchange Team with the resolution. 

    Thanks,



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 24.  RE: SMTP Oauth2.0 set up

    Posted 12-16-2024 05:11
      |   view attached

    Hi @Tatjana Knezevic

    Many thanks for your answer. I gladly inform you that finally we were able to fix this issue and integrate succesfully Genesys Cloud with M365. It was a misconfiguration between the Service Principal Name and the user created on Exchange side leading this issue.

    I've added this error in the section "Known error codes" of your documentation, so it could help other people managing this integration.

    Many thanks for your support and Kind regards,



    ------------------------------
    Fabrizio Tortis
    Swisscom (Schweiz) AG - Technical Lead CIM
    ------------------------------

    Original Message


  • 25.  RE: SMTP Oauth2.0 set up

    Posted 12-17-2024 16:03

    Hi @Fabrizio Tortis,

    I am glad to hear all worked well in the end. Thank you for updating the documentation with the new error code and sharing it with the Community! 

    Thanks,



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 26.  RE: SMTP Oauth2.0 set up

    Posted 08-02-2023 08:50

    can you pls tell me what user name and password we are talking here and from where we get these detail ?



    ------------------------------
    Halesha Nagarajappa
    Accenture Solutions Private Limited
    ------------------------------

    Original Message


  • 27.  RE: SMTP Oauth2.0 set up

    Posted 08-02-2023 09:01

    Hi Halesha,

    The username and password will be of that mailbox sitting in exchange online which you use to send outbound email from your domain.



    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------

    Original Message


  • 28.  RE: SMTP Oauth2.0 set up

    Posted 08-02-2023 09:09

    Thanks Harpal. what if we have multiple mail box ? do you have happen have any guide that inform us what they need to from azure side ?

    Regards

    halesha sn



    ------------------------------
    Halesha Nagarajappa
    Accenture Solutions Private Limited
    ------------------------------

    Original Message


  • 29.  RE: SMTP Oauth2.0 set up

    Posted 08-02-2023 09:19

    no guide i'm afraid, everything i used was from this thread, i believe if you have multiple mailboxes you'll have to grant send as permissions for the one mailbox specified in the username + password field to the mailboxes in question



    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------

    Original Message


  • 30.  RE: SMTP Oauth2.0 set up

    Posted 08-07-2023 04:59

    Thank Harpal. is "Add a TXT record to your DNS and verify " is still needed for inbound routing to work in case where we are using the custom SMTP to send an outbound email.



    ------------------------------
    Halesha Nagarajappa
    Accenture Solutions Private Limited
    ------------------------------

    Original Message


  • 31.  RE: SMTP Oauth2.0 set up

    Posted 08-07-2023 06:27

    Yes thats correct.



    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------

    Original Message


  • 32.  RE: SMTP Oauth2.0 set up

    Posted 08-23-2023 09:34

    Hi All,

    we have configured SMTP with Oauth2.0 but we are  seeing "No SMTP Host Configured for Integration Id"  . Any one has seen this before ?

    Regards

    Halesha sn



    ------------------------------
    Halesha Nagarajappa
    Accenture Solutions Private Limited
    ------------------------------

    Original Message


  • 33.  RE: SMTP Oauth2.0 set up

    Posted 09-22-2023 16:11

    Hi,

    A question about it,,, if the mail address sitting on exchange/Office365 is like: "mailbox_soporte@nomorecomplicated.com", the username on the integration setting is "mailbox_soporte" or "mailbox_soporte@nomorecomplicated.com", which is the correct one?



    ------------------------------
    Saugort Dario Garcia
    Interacciones Inteligentes S.A.
    ------------------------------

    Original Message


  • 34.  RE: SMTP Oauth2.0 set up

    Posted 09-25-2023 04:30

    Hi Saugort, 

    the username in that example would be: mailbox_soporte@nomorecomplicated.com



    ------------------------------
    Harpal Dhillon
    Foxtons Limited
    ------------------------------

    Original Message


  • 35.  RE: SMTP Oauth2.0 set up

    Posted 03-17-2024 20:17

    This method works fine for OAuth 2.0 ROPC Flow, Has anyone setup OAuth2.0 Credential Flow? We are trying to understand what to use as the Username (no Password) 

    Can anyone advise?

    Thanks



    ------------------------------
    Brian Allison
    Spark New Zealand Trading Limited
    ------------------------------

    Original Message


  • 36.  RE: SMTP Oauth2.0 set up

    Posted 03-21-2024 08:33

    Hello,

    we do have the same issue. Trying to setup the OAuth2.0 Credential Flow SMTP connection, but without success. For us it always ends with Error '535 5.7.3 Authentication unsuccessful.

    Does anyone have a working configuration for this type of setup?



    ------------------------------
    Jakub Zita
    Alcasys Slovakia a.s
    ------------------------------

    Original Message


  • 37.  RE: SMTP Oauth2.0 set up

    Posted 04-06-2024 13:28

    We are also trying to do the same.  If anyone finds a solution, please follow-up on this thread so we can all benefit!



    ------------------------------
    Joe Slitzker
    TTCU the Credit Union
    ------------------------------

    Original Message


  • 38.  RE: SMTP Oauth2.0 set up

    Posted 04-10-2024 00:51
      |   view attached

    @Brian Allison, and to everyone on this thread,

    Yes, our System Admin was able to set up OAuth 2.0 using Client Credential Flow. The process was super tedious and lengthy. We went through the same pain you are experiencing and wanted to share what we have and contribute to the Community. We created a document that will guide you through the steps to set up this integration. You'll see the document is a couple of pages in length, however, our goal was to include all the steps and to speed up our future OAuth 2.0 Client Credential Flow integrations. 

    Hopefully, this document will help in your endeavors.  

    Looking forward to hearing from you. 



    ------------------------------
    Tatjana Knezevic

    www.startelecom.cloud

    https://www.linkedin.com/company/star-telecom-www-startelecom-ca-/
    ------------------------------

    Original Message


  • 39.  RE: SMTP Oauth2.0 set up

    Posted 04-10-2024 07:56

    Thank you for sharing and contributing to the community!!  At the advice of someone from Genesys on another thread about this subject, I opened a case with support who told me this is not possible.  :(.  I rechecked all my steps from this sheet and have set it all up correctly, however we have SMTP auth disabled at the tenant level so we will not be able to use this unfortunately.  The more modern and recommended approach would be to use the graph API authentication but Genesys is not supporting this yet, FYI in case anyone else has a similar scenario.  



    ------------------------------
    Joe Slitzker
    TTCU the Credit Union
    ------------------------------

    Original Message


  • 40.  RE: SMTP Oauth2.0 set up

    Posted 08-23-2024 14:38

    Hi,

    Do you have tried or configured succesfully smtp integration using Genesys and Microsoft (ROPC Flow)?

    Regards,

    SG



    ------------------------------
    Saugort Dario Garcia
    Interacciones Inteligentes S.A.
    ------------------------------

    Original Message


  • 41.  RE: SMTP Oauth2.0 set up

    Posted 04-08-2024 08:55
    Edited by Sergey Dzyuba 04-10-2024 10:14

    We're experiencing the same issue. Can someone at Genesys team help us to resolve it?

    ---

    UPD: Thanks Tatjana Knezevic for sharing solution


    Original Message


  • 42.  RE: SMTP Oauth2.0 set up

    Posted 04-10-2024 14:55

    Thanks @Tatjana Knezevic for this. My customer and I had worked through the setup and got it all working but they were reluctant to share their setup.

    We have gotten this working now, and struggled when adding extra email accounts. I got this message from him

    "Seems the service principal needs SendAs Access replacing it with the mailbox names only" 

    Im not an Exchange guy, so hopefully this will mean something to those that are.

    Brian



    ------------------------------
    Brian Allison
    Spark New Zealand Trading Limited
    ------------------------------

    Original Message


Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources