circle-check
GLPI 10.0.24 and 11.0.6 are now available
Download herearrow-up-right
search
45-day free trialGLPI releases lifecycle

windowsSetting up Oauth SMTP Entra

hashtag
Creating an Entra application

hashtag
Register an Entra application

triangle-exclamation

Warning: Do not switch to the Enterprise apps, your configuration will subsequently fail.

  • Enter an application name

  • On GLPI, retrieve the GLPI redirection URL available in Configuration > Notifications > Configuration of email notifications. In Way of sending emails, select SMTP+OAUTH.

Viewing the callback URL

  • You will see the redirection URL in the new menu that appears. Copy the callback URL

Copy of URI

  • Then in URI redirection, select web on EntraID Portal

  • Paste the Callback URL retrieved before

  • Click on Save.

hashtag
Creating the secret

  • Now, on your new App registered go to certificate and secrets.

  • Click on new client secret.

  • Enter a name and an expiry date.

  • Then click on add

Duration of secret

  • Once validated, the secret value appears.

circle-info

Point of attention

The value of the secret must be reflected in client secret on the GLPI side. This value is only visible once, remember to save it in a safe place.

hashtag
Adding claims

The addition of claims is necessary so that GLPI can use the SMTP service via the Entra application.

  • Go to API Permissions

  • In the Claims tab, click on your application (in this case Microsoft graph).

Verifying claims via API permissions

  • On the right-hand side of the screen, search for SMTP.

  • select it then click on Update permissions.

Adding claims

hashtag
Last GLPI settings

  • Return to the application's Overview menu to find the information you need to enter into GLPI.

  • We filled in the secret value in the previous step, all that remains is to fill in the Application ID and the directory ID.

Entra application information
GLPI configuration

  • When you click on Save, you will be redirected to the Microsoft account to be connected.

circle-exclamation

Warning The account synchronized with OAuth SMTP must also be the one sending the emails. This account is identified in the sender's email

hashtag
Authenticated SMTP configuration

In order for the account using SMTP services to be authorised to send mail, it is imperative to activate authenticated SMTP from the Entra Tenant.

  • Connect to your tenantarrow-up-right

  • Go to Users > Active users and click on the relevant account

  • Then go to Mail > Manage mail applications and select SMTP Authenticated

Authenticated SMTP enabled
Authenticated SMTP enabled

hashtag
Send test

  • Once you have entered your Microsoft account details, you will need to accept the necessary authorisations. All that's left is to carry out a test send.

Test email sent successfully

hashtag
References

GLPI documentation "Email followups configuration"arrow-up-right

PreviousNotificationsNextOauth SMTP Google

Last updated