Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Overview

OAuth authentication required for Office 365 for new tenants is supported by PhixFlow. This page describes the setup required.

System Configuration Setup in PhixFlow

  1. In the System Configuration set the URL for your application in the System URL field
    1. For example. http://localhost:8080/phixflow/
  2. If SAML is already configured then this next step should already be configured.
    1. In phixflow-login.xml in sameSiteCookieFilter check that JSESSIONID is set to None. It is the line marked as <!-- The following line must be uncommented to allow SAML login →
  3. Ensure the secure flag is set on cookies, see Install Tomcat

Host's Application Configuration

  1. Configure the application in Azure, Google Developer or similar
    1. https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth
    2. https://learn.microsoft.com/en-us/power-platform/admin/connect-gmail-oauth2
  2. Configuration parameters
  3. The application type is Web.
  4. The redirect URL is yourPhixFlowInstance/receiveTokenAuthentication.htm
    1. e.g. http://localhost:8080/phixflow/receiveTokenAuthentication.htm

Client Token Configuration in PhixFlow

  1. In PhixFlow create a Client Token Configuration from the Full Repository.
  2. To allow a user to authenticate choose the User flow
  3. Set the Client ID to the value obtained from Azure/Google
  4. Client Secret to the value obtained from Azure/Google
  5. Google
    1. Auth URL https://accounts.google.com/o/oauth2/v2/auth?prompt=&access_type=offline
      1. For tokens to auto renew set access_type=offline as a parameter in the URL
    2. Token URL https://oauth2.googleapis.com/token
    3. Scopes https://mail.google.com/
    4. Google only sends a refresh token on the first authentication so if you don’t get a refresh token you have to delete the connection from google and authenticate again. This is also a problem if you want to use the same email address for an inbound and outbound email.
  6. Microsoft
    1. Base URL https://login.microsoftonline.com/common/ or https://login.microsoftonline.com/{tenantId}
    2. Scopes https://outlook.office.com/SMTP.Send or https://outlook.office.com/POP.AccessAsUser.All or https://outlook.office.com/IMAP.AccessAsUser.All offline_access openid email

Create an Email Account in PhixFlow

  1. Create an Email Account in the Full Repository.
  2. Set Enabled
  3. Set Type to Inbound or Outbound depending on your requirements.
  4. Set Authorisation Type to OAuth2
  5. Select your client token configuration.
  6. Click Authenticate Email Account to perform the authentication process which provides access to your Google/Microsoft account.
    1. POP, IMAP, and SMTP settings for Outlook.com - Microsoft Support
    2. For POP Outlook add to the properties mail.pop3s.auth.xoauth2.two.line.authentication.format=true

ARE THERE ANY MORE OPTIONS TO SET?

  • No labels