========= Mail Gateway ========= Redpeaks must be configured to send reports and alerts by email, three authentication types are available: ^ Type ^ Description ^ | **SMTP** | Standard login with username and password | | **SMTP Office 365 (OAuth2)** | Office 365 SMTP using modern login (OAuth2) | | **Exchange Online (Graph API)** | Uses Microsoft Graph API (recommended for Microsoft 365) | ----- ===== SMTP Authentication ===== Use this mode for internal or basic mail servers ^ Field ^ Description ^ | **Server** | Name or IP address of the mail server (example: ''smtpcompanycom'') | | **Port** | Port number (25, 465 or 587) | | **Secure TLS connection** | Enable if your mail server needs TLS or STARTTLS | | **From** | Email address used to send the message (example: ''noreply@companycom'') | | **Need authentication** | Enable if the server requires login | | **Username** | SMTP account username | | **Password** | SMTP account password | {{..:..:..:userguide:administration:adminconfig:pasted:20251113-083750.png}} ----- ===== Azure AD / Microsoft 365 Prerequisites (for OAuth2 modes) ===== Both **SMTP Office 365 (OAuth2)** and **Exchange Online (Graph API)** need an app in **Microsoft Entra ID** (previously Azure Active Directory) ==== 1 Create the application ==== ^ Step ^ Action ^ | 1 | Open [[https://portalazurecom|Azure Portal]] | | 2 | Go to **Microsoft Entra ID** | | 3 | Click **App registrations** → **New registration** | | 4 | Name it (for example: ''Redpeaks Mail Gateway'') | | 5 | Select **Accounts in this organizational directory only (Single tenant)** | | 6 | Leave **Redirect URI** empty | | 7 | Click **Register** | On the app **Overview** page, note: * **Application (client) ID** → used as **Client ID** * **Directory (tenant) ID** → used as **Tenant ID** ==== 2 Tenant ID ==== The Tenant ID is your company’s unique Microsoft 365 / Entra ID identifier ^ Where to find it ^ Location in Azure Portal ^ | Option 1 | Microsoft Entra ID → Overview → Tenant ID | | Option 2 | App registrations → Redpeaks Mail Gateway → Overview → Directory (tenant) ID | Copy this value into the **Tenant ID** field in Redpeaks ==== 3 Add API Permissions ==== ^ Mode ^ Permissions to Add ^ | **SMTP Office 365 (OAuth2)** | Office 365 Exchange Online → Application permissions → SMTPSend | | **Exchange Online (Graph API)** | Microsoft Graph → Application permissions → MailSend | After adding permissions, click **Grant admin consent for [your tenant]** and confirm ==== 4 Create a Client Secret ==== ^ Step ^ Action ^ | 1 | Go to **Certificates & secrets** | | 2 | Under **Client secrets**, click **New client secret** | | 3 | Add a short name (example: ''Redpeaks'') and select an expiration time | | 4 | Click **Add** | | 5 | Copy the **Value** immediately - this is your **Client Secret** for Redpeaks | ==== 5 Should you change the OAuth scope? ==== Normally, you **do not change this field** Redpeaks automatically uses the correct default scope: ^ Mode ^ Default Scope ^ | SMTP Office 365 (OAuth2) | ''https://outlook.office365.com/.default'' | | Exchange Online (Graph API) | ''https://graph.microsoft.com/.default'' | Only change it in special cases: * If your Microsoft 365 tenant is hosted in another region or national cloud: - US Gov: ''https://graphmicrosoftus/default'' - Germany: ''https://graphmicrosoftde/default'' * If your IT or Redpeaks support tells you to use a custom resource When using a custom scope: * It must match the permissions granted in Azure * You can add several scopes separated by spaces ----- ===== SMTP Office 365 (OAuth2) ===== Used to send emails through Office 365 SMTP with OAuth2 login ^ Field ^ Description ^ | **From** | Email address used to send the message (must exist in Exchange Online) | | **Tenant ID** | Paste the Directory (tenant) ID from Azure | | **Client ID** | Paste the Application (client) ID from Azure | | **Client Secret** | Paste the secret Value created in Certificates & secrets | | **OAuth Scope** | Leave empty (default: ''https://outlook.office365.com/.default'') | {{..:..:..:userguide:administration:adminconfig:pasted:20251113-083707.png}} ----- ===== Exchange Online / Microsoft 365 (Graph API) ===== Used to send emails through Microsoft Graph API (recommended) ^ Field ^ Description ^ | **From** | Email address used to send the message (Exchange Online mailbox) | | **Tenant ID** | Paste the Tenant ID from Azure | | **Client ID** | Paste the Application (client) ID from Azure | | **Client Secret** | Paste the secret Value created in Certificates & secrets | | **OAuth Scope** | Leave empty (default: ''https://graph.microsoft.com/.default'') | {{..:..:..:userguide:administration:adminconfig:pasted:20251113-083609.png}} ----- ===== Validation ===== ^ Step ^ What to Do ^ | 1 | Save the Mail Gateway settings in Redpeaks | | 2 | Use the **Test email** button to check the configuration | | 3 | If the test fails, check: | | • | Tenant ID, Client ID and Client Secret values | | • | Permissions (SMTPSend or MailSend) and admin consent | | • | The From address exists and can send messages |