Enable OAuth 2.0 for email

Setting up OAuth 2.0 for email requires you to obtain access and refresh tokens from your email provider.

Before you begin

  • Role required: admin
  • Plugin required: Email - OAUTH support for IMAP and SMTP

Procedure

  1. Log in to your third-party email account, such as Gmail, and enable OAuth 2.0.
  2. Obtain the following from your third-party email account:
    • client ID
    • client secret
    • authorization URL
    • token URL
    • redirect URL
    • token revocation URL
  3. Navigate to System OAuth > Application Registry.
  4. Click New.
  5. Click Connect to a third party OAuth Provider to create an application registry record that email uses.
  6. Use the information you obtained from your third-party email account to fill in the fields on the form. See Use a third-party OAuth provider for instructions. Create the OAuth application registry record and its associated OAuth Entity Profile and OAuth Entity Scope records.
  7. Click Submit.
  8. Navigate to System Mailboxes > Administration > Email Accounts.
    The system displays the list of available email accounts.
  9. (Optional) If you do not want to receive email sent to the default instance email address, locate the record for ServiceNow POP3 and change Active to false.
    The system can receive email from multiple POP3 email accounts.
  10. Locate the records for ServiceNow SMTP and change Active to false.
  11. Click New.
    The system displays a blank Email Account form.
  12. Create an email account record for your OAuth 2.0 SMTP server where the Type is SMTP.
  13. For Authentication, select OAuth 2.0.
  14. For OAuth Profile, select the application registry record you created.
  15. Click Authorize Email Account Access to obtain the access and refresh tokens.

    Another browser window opens asking you to authorize the account access on the third-party email account.

  16. Authorize the access.

    After the authorization is successful and the tokens are saved to the instance, the Authorize Email Account Access button no longer appears on the Email Account form.

  17. Click New.
    The system displays a blank Email Account form.
  18. Create an email account record for your OAuth 2.0 IMAP server where the Type is IMAP.
    Use the same Authentication and OAuth profile settings as the OAuth SMTP email account.