Oauth SMTP Entra#
Creating an Entra application#
Register an Entra application#
- Log in to your Entra portal
- In the
Applications
>Application registration
>new application
menu - Enter an application name, then in URI redirection, enter
web
. - Retrieve the GLPI redirection URL available in
configuration
>notifications
>configuration of email notifications
. Inway of sending emails
, selectSMTP+OAUTH
.
- You will see the redirection URL in the new menu that appears. Copy it and paste it into the redirection URI of your Entra application.
- Click on
Save
.
Creating the secret#
- Now go to
certificate and secret
. - Click on
new client secret
. - Enter a
name
and anexpiry date
. - Then click on
add
- Once validated, the secret
value
appears.
Point of attention
The value of the secret must be reflected in client secret on the GLPI side. This value is only visible once, remember to save it in a safe place.
Adding claims#
The addition of claims is necessary so that GLPI can use the SMTP service via the Entra application.
- In the
claims
tab, click on your application (in this case Microsoft graph).
- On the right-hand side of the screen, search for
smtp
. - select it then click on
update permissions
.
Last GLPI settings#
- Return to the application's
overview
menu to find the information you need to enter into GLPI. - We filled in the secret value in the previous step, all that remains is to fill in the
application ID
and the directory ID.
- When you click on
save
, you will be redirected to the Microsoft account to be connected.
Point of attention
The account synchronised with Oauth SMTP must also be the one sending the emails. This account is identified in the sender's email
Authenticated SMTP configuration#
In order for the account using SMTP services to be authorised to send mail, it is imperative to activate authenticated SMTP
from the Entra Tenant.
- Connect to your tenant
- Go to
users
and click on the relevant account - Then go to
mail > manage mail applications
and selectSMTP Authenticated
Send test#
- Once you have entered your Microsoft account details, you will need to accept the necessary authorisations. All that's left is to carry out a test send.
References#
GLPI documentation "Email followups configuration"