Skip to content

Oauth SMTP Entra#

Creating an Entra application#

Register an Entra application#

  • Log in to your Entra portal
  • In the Applications > Application registration > new application menu
  • Enter an application name, then in URI redirection, enter web.
  • Retrieve the GLPI redirection URL available in configuration > notifications > configuration of email notifications. In way of sending emails, select SMTP+OAUTH.

Alt text

  • You will see the redirection URL in the new menu that appears. Copy it and paste it into the redirection URI of your Entra application.

Alt text

  • Click on Save.

Creating the secret#

  • Now go to certificate and secret.
  • Click on new client secret.
  • Enter a name and an expiry date.
  • Then click on add

Alt text

  • Once validated, the secret value appears.

Point of attention

The value of the secret must be reflected in client secret on the GLPI side. This value is only visible once, remember to save it in a safe place.

Adding claims#

The addition of claims is necessary so that GLPI can use the SMTP service via the Entra application.

  • In the claims tab, click on your application (in this case Microsoft graph).

Alt text

  • On the right-hand side of the screen, search for smtp.
  • select it then click on update permissions.

Alt text

Last GLPI settings#

  • Return to the application's overview menu to find the information you need to enter into GLPI.
  • We filled in the secret value in the previous step, all that remains is to fill in the application ID and the directory ID.

Alt text

Alt text

  • When you click on save, you will be redirected to the Microsoft account to be connected.

Point of attention

The account synchronised with Oauth SMTP must also be the one sending the emails. This account is identified in the sender's email

Alt text

Authenticated SMTP configuration#

In order for the account using SMTP services to be authorised to send mail, it is imperative to activate authenticated SMTP from the Entra Tenant.

  • Connect to your tenant
  • Go to users and click on the relevant account
  • Then go to mail > manage mail applications and select SMTP Authenticated

Alt text

Send test#

  • Once you have entered your Microsoft account details, you will need to accept the necessary authorisations. All that's left is to carry out a test send.

Alt text

References#

GLPI documentation "Email followups configuration"

Last update: 13/06/2023