Email Host's Application Configuration

These steps are performed outside of PhixFlow.

An Office 365 Administrator is required to perform the following step to enable a PhixFlow instance to interact with Microsoft Office 365 Outlook.  

1. Open the Microsoft Entra Admin Center at https://entra.microsoft.com/#home
2. Select Applications → App Registrations
3. Click New Registration
   1. Name: PhixFlow O365 Integration, or another appropriate value
   2. Supported Account types: Choose Accounts in this organizational directory only
   3. Redirect URI:
      1. Select a Platform: Web 
      2. URL: SystemURL+receiveTokenAuthentication.htm
         e.g. http://phixflowhost.com/phixflow/receiveTokenAuthentication.htm
4. Click Register
5. Take a note of the Application (client ID)
6. Click Add a certificate or secret
7. Click New client secret
   1. Give the certificate a name
   2. Set the expires time, after which the secret has to be refreshed. Either use the default 180 days, or pick an alternative value such as 730 days.
      1. Ensure you create a new the secret before it expires.
   3. Press Add
   4. Take a note of the value, this is the Client Secret 

Client Token Configuration in PhixFlow

1. Open the  Full Repository and find the Client Token Configuration, then create a new one
   1. In PhixFlow version 11.3+, this can be done from the application's repository
2. To allow a user to authenticate, choose the User flow
3. Set the Client ID to the value obtained from Entra
4. Set the Client Secret to the value obtained from Entra
5. Set the Base URL to https://login.microsoftonline.com/common/ or https://login.microsoftonline.com/{tenantId}
   1. Typically, the tenantId is your email domain, e.g. mycompany.com
   2. Base URL example: https://login.microsoftonline.com/MyCompany.com/
6. Set the Scopes to: user.read mail.read mail.send mail.read.shared mail.send.shared openid email offline_access
7. Leave Identity Claim blank
8. Enable Supports Inbound Email and Supports Outbound Email, as required

Create an Email Account in PhixFlow

1. Create an Email Account in the Full Repository
   1. In PhixFlow version 11.3+, this can be done from the application's repository
2. Set a Name which you'll use to identify the email account, e.g. Customer Service
3. Toggle on Enabled
4. Set the Type to Inbound or Outbound, depending on your requirements

5. For an inbound email account:

   1. Set Host to outlook.office365.com
   2. Set the Protocol to Microsoft
   3. Set the Encryption to SSL/TLS
   4. Toggle on Use Default Port
   5. For the Authorisation Type, select OAuth 2
   6. Set the Login to the email address being monitored
   7. For On Email Received choose:
      1. Hold for collection via file collector if you want PhixFlow to monitor and hold the emails in a  File Collector for later processing
         1. See Reading Data From an Email Account
      2. Choose Trigger an email endpoint actionflow if you want PhixFlow to monitor and process the emails using the   Email Endpoint specified in Email Endpoint Action
         1. See Setting up an Email Endpoint
         2. (Optional) If you want to monitor a specific folder in Outlook, enter its name in the Folder field 
            1. If left blank, only the Inbox will be monitored
            2. If using a sub folder, the folder path must be entered here, for example, Inbox/Endpoint
   8. Select your Client Token Configuration
   9.  Apply the changes
   10. Next to Status, click  Authenticate Email Account to perform the authentication process which provides access to your Microsoft account
   11. Hover over  More Options and select  Test Configuration

Email Host's Application Configuration

1. Configure the application in Azure, Google Developer or similar
   1. https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth
   2. https://learn.microsoft.com/en-us/power-platform/admin/connect-gmail-oauth2
2. Configuration parameters
3. The application type is Web
4. The redirect URL is yourPhixFlowInstance/receiveTokenAuthentication.htm
   1. For example, http://phixflowhost.com/phixflow/receiveTokenAuthentication.htm

Client Token Configuration in PhixFlow

1. Open the  Full Repository and find the Client Token Configuration, then create a new one
   1. In PhixFlow version 11.3+, this can be done from the application's repository
2. To allow a user to authenticate, choose the User flow
3. Set the Client ID to the value obtained from Azure/Google
   1. You may require assistance from your IT Team for this
4. Set the Client Secret to the value obtained from Azure/Google
5. Set the Auth URL to https://accounts.google.com/o/oauth2/v2/auth?prompt=&access_type=offline
   1. For tokens to auto renew set access_type=offline as a parameter in the URL
   2. Set the Token URL to https://oauth2.googleapis.com/token
   3. Set the Scopes to https://mail.google.com/

Create an Email Account in PhixFlow

1. Create an Email Account in the Full Repository
   1. In PhixFlow version 11.3+, this can be done from the application's repository
2. Set a Name which you'll use to identify the email account, e.g. Customer Service
3. Toggle on Enabled
4. Set the Type to Inbound or Outbound, depending on your requirements
5. Set Host to imap.gmail.com
6. Set the Protocol to IMAP
7. Set Authorisation Type to OAuth2
8. Select your Client Token Configuration
9. Click Authenticate Email Account to perform the authentication process which provides access to your Google account
   1. POP, IMAP, and SMTP settings for Outlook.com - Microsoft Support
   2. For POP Outlook add to the properties mail.pop3s.auth.xoauth2.two.line.authentication.format=true

10.