Sage 100

 View Only
Back to discussions
Expand all | Collapse all

Oauth

  • 1.  Oauth

    Posted 09-27-2022 14:25

    We are trying to configure OAuth for a client on 2021 sp4.    The following is our setup screen.  I created a brand new app password on a known good and licensed M365 account in the clients tenant and it keeps acting like its the wrong password.  Tried 3 different new app passwords with same issue.

    Does anyone see anything wrong in this setup?



    ------------------------------
    Mark Chinsky
    Clients First Business Solutions
    ------------------------------


  • 2.  RE: Oauth

    Posted 09-27-2022 14:50

    I 'may' have found the issue.  I though you had to use an 'app password' for oauth 2.0.  But the sage help makes it sound like you use the regular password with the 2fa requirement.  

    Is this the case and if so, doesn't need the 2fa code regularly?



    ------------------------------
    Mark Chinsky
    Clients First Business Solutions
    ------------------------------



  • 3.  RE: Oauth

    Posted 09-27-2022 16:04
    I'm not sure if you saw this Sage KB.

    I haven't fiddled with Sage's oAuth just yet, but on other systems implementations, I've had to create and use a Client Secret under the App Registration for it to work.


    ------------------------------
    Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯
    ------------------------------

    Original Message


  • 4.  RE: Oauth

    Posted 10-05-2022 12:58
    Just had my first successful OAuth setup.

    The document mentioned above was invaluable in getting through it.

    I don't see anything wrong with the above.

    However, the one thing I did learn is that email address used appears to have to be for the administrator that set up the app registration and then you have to make sure that the user has SMTP send rights.

    The one thing I'm trying to figure out now is that it looks like when actually sending an e-mail from within Sage you can't substitute a different from e-mail.  That doesn't seem to make much sense to me.  Many of my clients have a send e-mail like payroll@mycompany.com and sales@mycompany.com.

    ------------------------------
    Thomas Rogers (TomTarget)
    Target System Technology, Inc.
    ------------------------------



  • 5.  RE: Oauth

    Posted 10-05-2022 13:27
    Curious to hear the answer about the From address as well

    ------------------------------
    Mark Chinsky
    Clients First Business Solutions
    ------------------------------

    Original Message


  • 6.  RE: Oauth

    Posted 10-05-2022 15:45
    I found some settings in the www.office.com portal for active users that seem to suggest that you can allow other users to use that login to send e-mails.

    Just experimented with it a little bit with the current client (who does not really need it) and it didn't seem to have an effect.  Also saw some suggestions that it could take 60 minutes or so before it has an effect.

    In any event, I think I'm on the right track.

    ------------------------------
    Thomas Rogers (TomTarget)
    Target System Technology, Inc.
    ------------------------------

    Original Message


  • 7.  RE: Oauth

    Posted 10-05-2022 15:53
    You must set the rights of the administrator ( or the main account in sage email )  to send on behalf of the other email accounts.  Note that can take a couple hours for the right to propagate to the other users.  

    Get Outlook for iOSo



    Original Message


  • 8.  RE: Oauth

    Posted 10-05-2022 17:52
    Dang.  Delay wasn't the issue.

    It appears that the OAuth doesn't allow for sending for other email accounts based on what I'm seeing at this article.   :(


    How to set up a multifunction device or application to send email using Microsoft 365 or Office 365 | Microsoft Learn

    It would require setting up a relay server.

    ------------------------------
    Thomas Rogers (TomTarget)
    Target System Technology, Inc.
    ------------------------------

    Original Message


  • 9.  RE: Oauth

    Posted 10-05-2022 18:01

    Oauth does allow you to do this,

     

    Sending email on behalf of - Microsoft Community

     

     

     

    Based on your requirement, you can select any permission and before that, first you need to assign delegation permission from Microsoft365 Admin center. Once permission assigned, kindly wait for approx. 30 min and then you can send email on behalf of other user/send as other user from Outlook and Outlook web app. Below we provide you step by step instructions, kindly check it.

     

    For assign permission:

    1.    Login to Microsoft 365 admin center > go to the Users > Active users 

    2.    Select the name of the user (from whom you plan to give a Send on behalf or Send as permission) to open their properties pane.

    3.    On the Mail tab, select Manage mailbox permissions >

    4.    Select Send as or Send on behalf (based on your requirement) > select Add permissions, then choose the name of the user or users that you want to allow to send email on behalf of this mailbox > select Save.

    5.     

    For your reference, here sharing article for the same Send email on behalf of another user and Send as email from another user's mailbox

     

     

     

     




    Original Message


  • 10.  RE: Oauth

    Posted 10-05-2022 18:20
    With or without OAuth, "Send As" permission is required to authenticate as one user, and send "From" someone else. 
    Normally when this is an issue the error in SMTP says something like "you are not allowed to send email from whatevertheaddresswas" (paraphrasing).

    ------------------------------
    Kevin Moyes
    Technical Systems Analyst
    Munjal White Consulting Co.
    ------------------------------

    Original Message


  • 11.  RE: Oauth

    Posted 05-30-2024 17:38
    Edited by Shannon Stanley 05-30-2024 17:48

    @Kevin Moyes

    I'm getting this error that you mentioned when setting up a new email address to be used for OAuth. The IT group provided me a new outlook email address for the OAuth setup. What option and I missing to allow the email address in paperless office to send on behalf of this new email account?

    billssewing1@BillsSewing.onmicrosoft.com not allowed to send as brs@billsewing.com; STOREDRV.Submission.Exception:SendAsDeniedException.MapiExceptionSendAsDenied; Failed to process message due to a permanent exception with message



    ------------------------------
    Shannon Stanley
    Sage 100 Consultant
    Ardent Consulting LLC
    ------------------------------

    Original Message


  • 12.  RE: Oauth

    Posted 05-30-2024 18:00

    That is an Outlook setting, not Sage, and I don't know the details... sorry.  We don't do email support, and client IT handles that when it comes up.



    ------------------------------
    Kevin Moyes
    Technical Systems Analyst
    Munjal White Consulting Co.
    Toronto ON
    ------------------------------

    Original Message


  • 13.  RE: Oauth

    Posted 05-30-2024 18:55

    Got it. Thanks @Kevin Moyes



    ------------------------------
    Shannon Stanley
    Sage 100 Consultant
    Ardent Consulting LLC
    ------------------------------

    Original Message


  • 14.  RE: Oauth

    Posted 05-31-2024 10:47

    Shannon, see Jim's response 2 up from your question.



    ------------------------------
    Eric Lunceford
    First Mate Business Solutions
    Oklahoma City, OK
    877-880-8960
    ------------------------------

    Original Message


  • 15.  RE: Oauth

    Posted 05-31-2024 10:53

    I am curious what and when Sage is going to change the OAuth rules again. From what I understand from our O365 email experts, app passwords are not going to be allowed by Microsoft 365 within the next year.

    For now, this works and the KB is good and easy to follow especially for those of us that do not do email setup.



    ------------------------------
    Michael Davis
    Warren Averett Technology Group
    ------------------------------

    Original Message


  • 16.  RE: Oauth

    Posted 05-31-2024 10:56

    If M$ stops allowing system generated emails entirely, they will lose a lot of business to email service providers who do.



    ------------------------------
    Kevin Moyes
    Technical Systems Analyst
    Munjal White Consulting Co.
    Toronto ON
    ------------------------------

    Original Message


  • 17.  RE: Oauth

    Posted 06-05-2024 16:48

    Thanks @Eric Lunceford. I ended up speaking with Microsoft support and because the client was using a onmicrosoft.com that was not on the same domain as their current email domain that is why it was erroring out.



    ------------------------------
    Shannon Stanley
    Sage 100 Consultant
    Ardent Consulting LLC
    ------------------------------

    Original Message


  • 18.  RE: Oauth

    Posted 10-06-2022 12:08
    Unfortunately,  Microsoft claims that OAuth with SMTP does not support the send as or send on behalf and they do not plan to.  

    This is from the article I referenced above.

    Limitations of SMTP AUTH client submission

    • You can only send from one email address unless your device can store login credentials for multiple Microsoft 365 or Office 365 mailboxes.
    • Microsoft 365 or Office 365 imposes some sending limits. See Exchange Online limits - Receiving and sending limits for more information.

    I had already tried the send as or send on behalf of permissions with no success.

    I believe this works if you are using basic authentication.

    If you have successfully done this, I would love to see how you did it.

    ------------------------------
    Thomas Rogers (TomTarget)
    Target System Technology, Inc.
    ------------------------------

    Original Message


Related Content