Configure client credential flow for SMTP OAuth2 using a client id and secret

Watch

Save as PDF

Share this page

Feedback

Administer the ServiceNow AI Platform

HomeXanadu ServiceNow AI Platform AdministrationAdminister the ServiceNow AI Platform Configure core featuresNotificationsEmail AdministrationConfigure email administrationAdvanced email setupSend email using client credential flowConfigure client credential flow for SMTP OAuth2 using a client id and secret

Table of Contents

Configure client credential flow for SMTP OAuth2 using a client id and secret

Release version:
Xanadu
Yokohama
Washington DC
UpdatedAug 1, 2024
2 minutes to read

Xanadu
Notifications

Configure outbound email accounts in a ServiceNow instance using a client id and secret.

Before you begin

Create an Microsoft Azure account to configure an OAuth profile.

Complete the setup steps using your Microsoft Azure Developer account. See Microsoft Azure product documentation for instructions on creating and configuring custom applications.

Role required: Microsoft Azure portal administrator and admin

Procedure

Log in to the Microsoft Azure registration portal with your organization credentials.
For more information, see the Microsoft Azure registration portal documentation.
Register a new custom application by filling in the application name, supported account type, and redirect URL, and select Register.

Note: Enter the redirect URL in the following format: https://<instance>/oauth_redirect.do.

An overview of the application's basic information is displayed.
Copy the client ID to a text file.
You’ll use this client ID and the client secret value generated in the next steps to register the app as a third-party OAuth provider on your ServiceNow instance. You use the application ID as the client ID when you connect the application to your instance.
Enable the SMTP.SendAsApp permission.
1. In Microsoft Azure, navigate to Manage > API permissions.
2. Select Add a permission.
3. Select the Microsoft Office 365 tile.
4. Select Application Permissions.
5. In the Select permissions field, enter SMTP SendAsApp.
6. Select the SMTP SendAsApp check box.
7. Select Add permissions.
Select Grant admin consent for <your organization name>, then select Yes to confirm.
Add a client secret.
1. In Microsoft Azure, navigate to Manage > Certificates & secrets.
2. Select New client secret.
3. Provide a description and an expiration date, then select Add.
Copy the value (secret value) to a text file.
Register service principals in Microsoft Exchange using PowerShell.
1. Run the following commands.
```
Install-Module -Name ExchangeOnlineManagement -allowprerelease
Import-module ExchangeOnlineManagement
Connect-ExchangeOnline -Organization <tenantId>
```
  For more information, see Authenticate SMTP connection using OAuth
2. Register an Microsoft Azure AD application's service principal by running the following command.
```
New-ServicePrincipal -AppId <APPLICATION_ID> -ObjectId <OBJECT_ID>
```
  Important: For the OBJECT_ID value, go to Overview > Managed applications in local directory and copy the Object ID.
3. Add permission to user email ID using the following command.
```
Add-MailboxPermission -Identity "<email_id>" -User <object_id> -AccessRights FullAccess 
```
Navigate to Overview > Endpoints and copy the OAuth 2.0 token endpoint (v2) to a text file.
You use the OAuth 2.0 token endpoint (v2) when registering an OAuth provider. For more information, see Register an OAuth Provider.

What to do next

Was this topic helpful?

Yes No

Activate OAuth support plugin

Log in to get a better experience

Explain this code

Install-Module -Name ExchangeOnlineManagement -allowprerelease
Import-module ExchangeOnlineManagement
Connect-ExchangeOnline -Organization <tenantId>

How was this response?

Code explanation using AI

Xanadu ServiceNow AI Platform Administration

Filters

Versions

Products