OAuth 2.0 Microsoft Exchange Email Connection
Automation has been using basic authentication for Microsoft Exchange Web Service (EWS) until now. Automation users can now access Microsoft Emails using OAuth 2.0 using Microsoft (EWS) by creating a new connection or updating an existing connection. And they can use Send, Subscribe, and Receive Message Test APIs with Microsoft Exchange for emails
Prerequisite
A prerequisite to authenticating a user using Microsoft Exchange Web Service (EWS) API is registering Automation as an App on the ActiveDirectory App Registration to generate the connection properties and grant the necessary access to retrieve the requisite data. Microsoft provides the following options to set up a Microsoft Exchange:
- Get an Office 365 Developer Site (recommended). This is the quickest way for you to get an Exchange mailbox.
- Download Exchange Server.
Steps to create an OAuth 2.0 Connection in Automation
A connection must be created to authenticate the user to integrate with Microsoft Exchange.
In the Test Settings, navigate to the Connections tab and click the plus (+) sign icon. The Add New Connection screen is displayed. Give a Connection Name.
In this example, we have given the Connection Name as MSOAuth Host. And the Connection Type as Microsoft and MS Exchange.
The Type field is now displayed as a drop-down with the default value Online Exchange Account (Deprecated) option. The Type field is an authorization assertion type, and it displays three options in the drop-down:
- Exchange 2007 or later (via EWS)
- Older version of Exchange (via IMAP)
Select the Exchange 2007 or later (via EWS) option; we’ll first see the Host field.
In the Host field, we can see two options:
a) Auto Discover
We have selected Host as Auto Discover.
In the Authenticate field, select OAuth 2.0.
Enter the values for the required fields; the Tenant ID, Client ID, Client Secret, and Redirect URL information will be available for the Provar App configured on the Microsoft ActiveDirectory App Registry.
Note: The Authorise button is enabled only after you have filled these five mandatory fields.
We have created a connection, filled in all the mandatory fields, and clicked Authorise.
The MS Exchange Authorisation screen allows users to authenticate with their Microsoft account.
Enter the user password and click Sign in.
We have authenticated our OAuth 2.0 connection; the Access Token and Refresh Token are fetched from Microsoft.
There is some validity for these tokens in the Microsoft account. If these Access Token and Refresh Token are invalidated, validity has been breached, and the Refresh Token has expired. So, the Refresh token will stop working, and an error will be displayed to the user.
Note: Since we had Revoked this token, for example, the error message is Revoked; if it would have expired, then the error message would have displayed for Expired.
If some fields are filled incorrectly or if some fields are invalidated, then the corresponding error messages will be displayed. For example, let’s say there is some change in the Client ID field; then the Access Token and Refresh Token are invalidated. And you will have to authorize the connection again.
b) Supplied Host Name
We have selected Host as the Supplied Host Name.
In this case, we have to supply a Host Name.
Note: Automation currently supports Microsoft 365 as a hostname for Outlook email; this name will always be the hostname (outlook.office365.com). Users can specify whatever hostname they want to provide.
We have supplied the Host Name, so there is no User Name field. In this case. We know where the server is deployed since we have provided the hostname.
Enter the values for the required fields; the TenantID, Client ID, Client Secret, and Redirect URL information will be available for the Automation App configured on the Microsoft ActiveDirectory App Registry.
When we click on Authorise, we must provide a username and a password.
Note: The Authorise button is enabled only after you have filled these five mandatory fields.
We have created a connection, filled in all the mandatory fields, and clicked Authorise.
The MS Exchange Authorisation screen allows users to authenticate with their Microsoft account.
Enter the password and click Sign in.
We have authenticated our OAuth 2.0 connection, and the Access Token and Refresh Token are fetched from Microsoft.
Note: The OAuth functionality only applies to the “Exchange 2007 or later (via EWS). Users will not be able to create this type of Online Exchange Account (Deprecated) connection, and if anyone has created it, they will have to manually update their connections for Online Exchange Account. Earlier, it was just displayed as an Online Exchange Account. And now, it is displayed as an Online Exchange Account(Deprecated), as displayed in the screenshot below. And, it will be removed in the future Provar releases from the type of connections.
Microsoft mail server connection via HTTP Proxy settings
Automation has now updated the mail server connection to enable a proxy connection. Earlier, if the user created a Microsoft connection, it wasn’t supported for proxy type of connections, i.e., they had to use it without any proxy. Let’s say if a user had enabled proxy on their machine, then they wouldn’t be able to use this Microsoft connection.
Automation now supports the Microsoft connection using proxy. You can enable proxy settings from Help > Network Settings. Click New to enable proxy like any HTTP Proxy or OAuth proxy or non-OAuth proxy. Now, Microsoft connections will work, if the user has enabled HTTP Proxy settings.