Skip to main content

Manage mail servers

The Mail Server setting allows you to use your own SMTP mail server to send emails. By default, email messages are sent from the Identity as a Service built-in mail server. When you configure a custom SMTP server, all messages sent from Identity as a Service are sent from the custom SMTP server.

For Basic authentication you provide the SMTP username and password directly in IDaaS. For OAuth authentication, you do not provide the username and password for authorization in IDaaS. The username is retrieved after signing in to the OAuth application as long as you have the required ID token.

Before you begin, you need the following information:

For Basic authentication:

  • The hostname or IP address of your SMTP server
  • The SMTP username (the email address associated with the mail server)
  • The SMTP password for the SMTP username

For example, if you want to set up Gmail as your SMTP server, you would use the following:

  • SMTP server: smtp.gmail.com
  • Protocol: TLS(465)
  • SMTP username: your full Gmail address (for example, username@gmail.com)
  • SMTP password: your Gmail password

For OAuth authentication:

  • The Issuer URL from your mail server
  • Authorization Endpoint
  • Token Endpoint
  • The Client ID of the application configured on the mail server
  • The Client Secret of the application configured on the mail server
  • The required scopes

For example, if you want to set up Google as your SMTP server, you would use the following:

  • The Issuer URL from your mail server: accounts.google.com
  • Protocol: TLS(465)
  • Authorization Endpoint: https://accounts.google.com/o/oauth2/v2/auth
  • Token Endpoint: https://oauth2.googleapis.com/token
  • The Client ID: your full Gmail address (for example, username@gmail.com).
  • The Client Secret: your gmail password
  • The required scopes: https://mail.google.com https://www.googleapis.com/auth/userinfo.email

Configure a custom mail server using basic authentication

  1. Click > Configuration > Mail Server. The Mail Server page appears.
  2. Select Custom Mail Server to set a custom mail server. The Mail Server page appears.
  3. Select the Basic Authentication Method.
  4. Select the Protocol used by your mail server to secure your emails.
  5. In the SMTP Server field, enter the hostname of the SMTP server (your outgoing mail). For example, smtp.mailprovider.com.
  6. In the SMTP Username field, enter the SMTP username. This is the email address associated with the mail server (for example, example@yourdomain.com).
  7. In the SMTP Password field, enter the SMTP password of the SMTP username.
  8. Optional. In the From Name field, enter the name of the user that sends the emails.
  9. In the From Address, enter the email address that sends the email message.
  10. In the Reply To Address, enter the email address that receives replies. Leave this field blank to disable the ability to send replies.
  11. Click Save.
  12. Click Send Test Email to test the settings.

Configure a custom mail server to use OAuth authentication

  1. Click > Configuration > Mail Server. The Mail Server page appears.

  2. Select Custom Mail Server to set a custom mail server. The Mail Server page appears.

  3. Select the OAUTH Authentication Method.

  4. Select the Protocol used by your mail server to secure your emails.

  5. If applicable, enter the Issuer URL used by your server to send outgoing mail. For example, https://accounts.mailprovider.com.

  6. Click Fetch Configuration. If available, this button fetches the Authorization Endpoint and the Token Endpoint. If the Fetch Configuration option is not available for your SMTP mail server, refer to your mail server provider documentation and interface for the Authorization Endpoint and Token Endpoint and then enter the information in the corresponding fields.

  7. If needed to configure your OAuth mail server, copy the Redirect URI and paste it where required in your mail server configuration page.

  8. Enter the Client ID of the application configured on the mail server.

  9. Enter the Client Secret of the application configured on the mail server.

  10. Enter the Scopes needed for the application. These are the permissions users have when using the mail server, for example:

    • Read, write, send, and delete emails
    • Link users to their personal information on the mail server
    • See primary account email address

    If there are multiple scopes, separate them with a space.

    Example: https://mail.mailprovider.com https://mailproviderapis.com/auth/userinfo.email

    note

    The offline_access scope is not required for GMAIL OAUTH. If added, it causes an error.

  11. Click Authorize. You are redirected to your OAuth application to sign in.

  12. Enter your application username and password. If you receive a message that your OAuth application has not yet been approved app access, you must provide the consent for IDaaS to have access to your OAuth account.

  13. Click Continue. A verification page appears. Optionally, click the link to view the email Services that IDaaS will be able to access. These are the scopes that you defined above.

  14. Click Continue again to return to the IDaaS Mail Server page. The SMTP Username and the From Address fields are populated from the OAuth login information.

    note

    If there is no ID Token, you must manually enter the SMTP username.

  15. If required, copy the Redirect URI. You need this to configure Microsoft or Gmail email OAuth servers.

  16. In the SMTP Server field, enter the hostname of the SMTP server (your outgoing mail). For example, smtp.mailprovider.com.

  17. Optionally:

    1. In the From Address, enter the email address that sends the email message.
    2. In the Reply To Address, enter the email address that receives replies. Leave this field blank to disable the ability to send replies.

  18. Click Save.

  19. Click Send Test Email to test the settings.

Configure a custom mail server to use Office365 OAuth

  1. Click > Configuration > Mail Server. The Mail Server page appears.

  2. Select Custom Mail Server to set a custom mail server. The Mail Server page appears.

  3. Select the OAUTH Authentication Method.

  4. Select the Protocol used by your mail server to secure your emails.

  5. If applicable, enter the Issuer URL used by your server to send outgoing mail. For example, https://login.microsoftonline.com/common/v2.0.

  6. Click Fetch Configuration. If available, this button fetches the Authorization Endpoint and the Token Endpoint. If the Fetch Configuration option is not available for your SMTP mail server, refer to your mail server provider documentation and interface for the Authorization Endpoint and Token Endpoint and then enter the information in the corresponding fields.

  7. If needed to configure your OAuth mail server, copy the Redirect URI and paste it where required in your mail server configuration page.

  8. Enter the Client ID of the application configured on the mail server.

  9. Enter the Client Secret of the application configured on the mail server.

  10. Enter the Scopes needed for the application. These are the permissions users have when using the mail server, for example:

    • Read, write, send, and delete emails
    • Link users to their personal information on the mail server
    • See primary account email address

    If there are multiple scopes, separate them with a space.

    Example: https://outlook.office365.com/SMTP.Send openid email offline_access

  11. Click Authorize. You are redirected to your OAuth application to sign in.

  12. Enter your application username and password. If you receive a message that your OAuth application has not yet been approved app access, you must provide the consent for IDaaS to have access to your OAuth account.

  13. Click Continue. A verification page appears. Optionally, click the link to view the email Services that IDaaS will be able to access. These are the scopes that you defined in step 10.

  14. Click Continue again to return to the IDaaS Mail Server page. The SMTP Username and the From Address fields are populated from the OAuth login information.

  15. Enter the SMTP Username for the Microsoft Office365 license.

  16. If required, copy the Redirect URI. You need this to configure Microsoft or Gmail email OAuth servers.

  17. In the SMTP Server field, enter smtp.office365.com.

  18. Optionally:

    1. In the From Address, enter the email address that sends the email message.
    2. In the Reply To Address, enter the email address that receives replies. Leave this field blank to disable the ability to send replies.

  19. Click Save.

  20. Click Send Test Email to test the settings.