OAuth2 authentication for email server connections
You can send emails and connect to email servers such as Microsoft Outlook and Google Mail using OAuth2 authentication. This type of authentication enables you to connect to email servers using an access token instead of a basic login with a username and password. You can use OAuth2 authentication when working with email service providers that no longer support basic authentication.
To set up this authentication, you must first create an OAuth2 configuration in the application before using it in an email connection. This configuration is accessible by both IPA and Landmark. You can configure OAuth2 authentication through Process Server Administration for IPA and through Administration Console for Landmark.
These are the grant types that you can use when configuring OAuth2 authentication:
| Type | Description |
|---|---|
| Client credentials |
This grant type is used for service-to-service authentication. The client is registered on the server to get a client ID and client secret, which are used to request an access token. The access token is requested from the server’s token URL and only active for a limited time. |
| Authorization code |
This grant type is used when a user needs to authorize a client’s access. As a user, you must run a GET call in a browser to receive an authorization code. The client then uses this code to request an access token from the server’s token URL. The access token is only active for a limited time, but you can also use a refresh token to get a new access token without requiring to go through the authorization code retrieval process again. |