Outlook OAuth Authentication

This article details the process of Outlook OAuth authentication in Invent ERP.

Step-by-Step Process

Step 1: Register an App in Microsoft Azure

1. Go to Microsoft Azure and sign in.
2. Navigate to Azure Active Directory → App registrations.
3. Click Add → App registration.
4. Fill in the Name field and choose a Supported Account Type.

Step 2: Configure Redirect URI

1. In Invent ERP, go to Configuration → Settings → Technical → Mail Server → Mail Servers.
2. Click Add, fill in the Mail Server Description.
3. Choose Outlook OAuth Authentication under Authenticate Using.
4. Enter your Outlook email as the Username.
5. Copy the OAuth2 Redirect URL.
6. Back in Azure, select Web as the platform and paste the redirect URL.
7. Click Register.

Step 3: Add API Permissions

1. In Azure, go to API Permissions → Add a permission → Microsoft Graph → Delegated Permissions.
2. Search for and select SMTP.Send and IMAP.AccessAsUser.All.
3. Click Add permissions.

Step 4: Assign Users

1. Go to Overview → Managed Application in Local Directory → User and groups.
2. Click Add user/group, search for and select the users who will send emails.
3. Click Assign.

Step 5: Get Client ID and Client Secret

1. From Overview, copy the Application ID as the Client ID.
2. Go to Certificates & secrets → New client secret.
3. Enter a description, set the expiration date, and click Add.
4. Copy the Value as the Client Secret.

:::warning If the client secret expires, a new one must be created and configured to avoid service interruption. :::

Step 6: Finalize in Invent ERP

1. Paste the Client ID and Client Secret in the Mail Server form.
2. Click Create.
3. Scroll down and click Connect Your Outlook Account.
4. Accept any permissions request.
5. Verify that Token Valid is displayed next to Connect Your Outlook Account.