Insert excerpt | ||||||||
---|---|---|---|---|---|---|---|---|
|
Overview
OAuth authentication required for Office 365 for new tenants is supported by PhixFlow from Version 10.1 onwards. This page describes the setup required.
System Configuration Setup in PhixFlow
- Check the following
- Ensure that the System Configuration → System URL field is set to the public URL PhixFlow is accessed on by users.
- For example, http://phixflowhost.com:8080/phixflow/
- Ensure the secure flag is set on cookies, see Install Tomcat
- Ensure that the System Configuration → System URL field is set to the public URL PhixFlow is accessed on by users.
Host's Application Configuration
- Configure the application in Azure, Google Developer or similar
- Configuration parameters
- The application type is Web.
- The redirect URL is yourPhixFlowInstance/receiveTokenAuthentication.htm
- For example, http://localhost:8080phixflowhost.com/phixflow/receiveTokenAuthentication.htm
Client Token Configuration in PhixFlow
- In PhixFlow create a Client Token Configuration from the Full Repository.
- To allow a user to authenticate choose the User flow
- Set the Client ID to the value obtained from Azure/Google
- Client Secret to the value obtained from Azure/Google
- Google
- Auth URL https://accounts.google.com/o/oauth2/v2/auth?prompt=&access_type=offline
- For tokens to auto renew set access_type=offline as a parameter in the URL
- Token URL https://oauth2.googleapis.com/token
- Scopes https://mail.google.com/
Warning Google only sends a refresh token on the first authentication so if you don’t get a refresh token you have to delete the connection from Google and authenticate again.
- Auth URL https://accounts.google.com/o/oauth2/v2/auth?prompt=&access_type=offline
- Microsoft
- Base URL https://login.microsoftonline.com/common/ or https://login.microsoftonline.com/{tenantId}
- Scopes, recommended setup:
Code Block https://outlook.office.com/SMTP.Send https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/IMAP.AccessAsUser.All All offline_access openid email
Create an Email Account in PhixFlow
- Create an Email Account in the Full Repository.
- Set Enabled
- Set Type to
Inbound
orOutbound
depending on your requirements. - Set Authorisation Type to
OAuth2
- Select your client token configuration.
- Click Authenticate Email Account to perform the authentication process which provides access to your Google/Microsoft account.
- POP, IMAP, and SMTP settings for Outlook.com - Microsoft Support
- For POP Outlook add to the properties mail.pop3s.auth.xoauth2.two.line.authentication.format=true