Skip to main content
Matrix42 Self-Service Help Center

Email settings: Microsoft Exchange Server and Service Connections

Overview

This page provides a step-by-step guide on how to configure email sending in Digital Workspace Platform Administration application via Microsoft Exchange Server, involving modern authentication (OAuth 2.0) and Service Connections

This configuration is available starting from DWP v.11.0.1 or higher. 

Email configuration belongs to the basic settings of the DWP, therefore no extra subscriptions (DWP Subscription) or licenses are required.

Prerequisites

  • Digital Workspace Platform v.11.0.1 or higher
  • Microsoft Azure account with granted permissions for Applications Registration
  • An active and available mailbox that is the same as the one registered for your Microsoft Azure Account

Configuration

Use this video tutorial as a reference:

Configuration steps:

  1. New Service Connection using Microsoft 365 Service with Exchange capabilities;
  2. Emails settings in DWP  Administration area.

Service Connection

Log in to the Administration area of the Digital Workspace Platform, proceed to Integration navigation Item → Service Connections → choose Connections.

  1. To start configuration, click Add Service Connection action:
    01_1.png
  2. Fill out the required fields:
    02.png
  3. In the Service field, select Microsoft 365 Exchange object, which is available by default in the system:
    03_1.png
    The name for your Service Connection is auto-generated, but you can modify it if necessary.
  4. In the Tenant field, proceed with creating a new tenant. Fill out the name:
    04.png
  5. In the Service field choose Microsoft 365 with OAuth Authentication Type:
    05.png
  6. For Client ID, Tenant ID, and Client Secret, login to Microsoft Azure portal:
    06_1.png
  7. On the home page of the Microsoft Azure Portal, go to App registrations area, and create New Registration
    07_1.png
  8. Provide an application name. Leave the default configuration in the Supported account types
  9. To set the Redirect URI, select a Web platform option. Modify the Redirect URI according to the example:

    https://{hostname}/wm/externalAuth/redirect.html

    08.png

  10. Click Register to proceed. 

  11. Copy and paste Client ID and Directory ID values from the Microsoft Azure portal to the Service Connections Tenant configuration:
    09_1.png
    Microsoft Azure Portal: Application (client) ID and Directory (tenant) ID for Service Connections Tenant configuration
    10_1.png
    Digital Workspace Platform: Client ID and Tenant ID values for Service Connections Tenant configuration

  12. Go back to Microsoft Azure portal, open Authentication area, and scroll down to the Implicit grant and hybrid flows section. Enable Access Tokens, ID Tokens:
    11_1.png

  13. Click Save to apply changes.

  14. For Client Secret, switch to Certificates & secrets area and create a New Client secret from Client secrets tab:
    12_1.png

  15. Add the description, choose the Client secret expiration period and click Add:
    13_1.png

  16. Copy and paste the Client secret value from the Azure Portal to the Tenant configuration. Please note that the secret value will be decrypted and no longer available if you refresh the page of the Microsoft Azure portal, so make sure to save it to the clipboard:
    14_1.png
    Microsoft Azure Portal: Client secret Value
    15_1.png
    Digital Workspace Platform: Client Secret Value in Service Connections Tenant configuration

  17. Go back to the Microsoft Azure portal and grant permissions using API Permissions area. Remove the default configuration and click Add a permission, choose Microsoft Graph:
    21_1.png

  18. Choose Delegated permissions:
    20_1.png

  19. One by one add the following permissions:

    • offline_acces

    • EWS.AccessAsUser.All

    • SMTP.Send 

    • Mail.Send
      19_1.png
      Verify the successfully saved permission status in the Notifications area. 

  20. To finalize the Service Connection configuration, in the Administration area click Setup Authentication:
    16_1.png

  21. Sign in with your Microsoft account. For accounts with Multi-factor authentication, choose the necessary authentication method and proceed.
    Accept the requested permissions:
    17_1.png

  22. When Service Connection Authentication has been successfully fulfilled, click Done:
    18_1.png

Emails settings

To finalize the emailing configuration, in Administration area, open SettingsEdit Global System Settings

22_1.png

In the Emails view:

  • Enabled: select the checkbox to enable emailing
  • Specify SMPT server according to the email server configuration
  • Verify the Default Sender
  • Enable SMTP Authentication
  • Enable Use SSL option
  • Select Modern Authentication (OAuth 2.0) property
    • Mailbox Email Address: enter an address of an active and available mailbox that is the same as the one registered for your Microsoft Azure Account
    • Service Connection: choose a previously created Service Connection

23_1.png

Click Done to finalize the configuration and save changes.

Now your Digital Workspace Platform emailing is working.