# Setting up Oauth SMTP Entra
## Creating an Entra application
***
### Register an Entra application
* Log in to your [Entra portal](https://entra.microsoft.com/)
* In **`Entra ID`** section go to **`App registrations`** > **`New registration`**
{% hint style="danger" %}
**Warning**: Do not switch to the **Enterprise apps**, your configuration will subsequently fail.
{% endhint %}
* Enter an application name
* On GLPI, retrieve the GLPI redirection URL available in **`Configuration`** > **`Notifications`** > **`Configuration of email notifications`**. In **`Way of sending emails`**, select **`SMTP+OAUTH`**.
* You will see the redirection URL in the new menu that appears. Copy the callback URL
* Then in URI redirection, select **`web`** on EntraID Portal
* Paste the **`Callback URL`** retrieved before
* Click on **`Save`**.
***
### Creating the secret
* Now, on your new App registered go to **`certificate and secrets`**.
* Click on **`new client secret`**.
* Enter a **`name`** and an **`expiry date`**.
* Then click on **`add`**
* Once validated, the secret **`value`** appears.
{% hint style="info" %}
**Point of attention**
The **value** of the secret must be reflected in client secret on the GLPI side. This value is only visible once, remember to save it in a safe place.
{% endhint %}
***
### Adding claims
The addition of claims is necessary so that GLPI can use the SMTP service via the Entra application.
* Go to **`API Permissions`**
* In the **`Claims`** tab, click on your application (in this case Microsoft graph).
* On the right-hand side of the screen, search for **`SMTP`**.
* select it then click on **`Update permissions`**.
***
### Last GLPI settings
* Return to the application's **`Overview`** menu to find the information you need to enter into GLPI.
* We filled in the secret value in the previous step, all that remains is to fill in the **`Application ID`** and the directory ID.
* When you click on **`Save`**, you will be redirected to the Microsoft account to be connected.
{% hint style="warning" %}
**Warning**\\
\
The account synchronized with OAuth SMTP must also be the one sending the emails. This account is identified in the sender's email
{% endhint %}
## Authenticated SMTP configuration
In order for the account using SMTP services to be authorised to send mail, it is imperative to activate **`authenticated SMTP`** from the Entra Tenant.
* Connect to your [tenant](https://entra.microsoft.com/)
* Go to **`Users > Active users`** and click on the relevant account
* Then go to **`Mail > Manage mail applications`** and select **`SMTP Authenticated`**
Authenticated SMTP enabled
## Send test
* Once you have entered your Microsoft account details, you will need to accept the necessary authorisations. All that's left is to carry out a test send.
## References
GLPI documentation ["Email followups configuration"](https://glpi-user-documentation.readthedocs.io/fr/latest/modules/configuration/notifications/email_notifications.html)
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://help.glpi-project.org/tutorials/notifications/oauth_smtp_entra.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.