Skip to main content
Matrix42 Self-Service Help Center

Email settings: Microsoft Exchange Server and Service Connections

  1. Last updated
  2. Save as PDF

Overview

This page provides a step-by-step guide on how to configure email sending in Enterprise Automation Platform Administration application via Microsoft Exchange Server, involving modern authentication (OAuth 2.0) and Service Connections

This configuration is available starting from EAP v.11.0.1 or higher. 

Email sending belongs to the basic settings of the EAP, therefore no extra subscriptions (EAP Subscription) or licenses are required.

Prerequisites

  • Enterprise Automation Platform v.11.0.1 or higher
  • Microsoft Azure account with granted permissions for Applications Registration
  • An active and available mailbox that is the same as the one registered for your Microsoft Azure Account

Configuration

Use this video tutorial as a reference:

Configuration steps:

  1. New Service Connection using Microsoft Entra ID Service with Exchange capabilities;
  2. Emails settings in EAP  Administration area.

Sending emails with Application Permission is not possible, only configurations via Delegated Permission are supported. 

Service and Tenant used in Service Connection Configuration can be created before the Service Connection is established.

See also, Configuring Microsoft Azure settings for the E-mail Robot service connection.

Service Connection

Log in to the Administration area of the Enterprise Automation Platform, proceed to Integration navigation Item → Service Connections → choose Connections.

  1. To start configuration, click Add Service Connection action:
    01_MS_Exchange_Service_Connection1.png
  2. Fill out the required fields:
    02_MS_Exchange_Service_Connection.png
  3. In the Service field, select Microsoft Entra ID Exchange object, which is available by default in the system:
    03_MS_Exchange_Service_Connection.png
    The name for your Service Connection is auto-generated, but you can modify it if necessary.
  4. In the Tenant field, proceed with creating a new tenant. Fill out the name:
    04_MS_Exchange_Service_Connection.png
  5. In the Service field choose Microsoft Entra ID with OAuth Authentication Type:
    05_MS_Exchange_Service_Connection.png
  6. For Client ID, Tenant ID, and Client Secret, login to Microsoft Azure portal:
    06_MS_Exchange_Service_Connection.png
  7. On the home page of the Microsoft Azure Portal, go to App registrations area, and create New Registration
    07_1.png
  8. Provide an application name. Leave the default configuration in the Supported account types

  9. To set the Redirect URI, select a Web platform option. Modify the Redirect URI according to the example:

    https://{hostname}/wm/externalAuth/redirect.html

    08.png

  10. Click Register to proceed. 

  11. Copy and paste Client ID and Directory ID values from the Microsoft Azure portal to the Service Connections Tenant configuration:
    09_1.png
    Microsoft Azure Portal: Application (client) ID and Directory (tenant) ID for Service Connections Tenant configuration
    07_MS_Exchange_Service_Connection.png
    Enterprise Automation Platform: Client ID and Tenant ID values for Service Connections Tenant configuration

  12. Go back to Microsoft Azure portal, open Authentication area, and scroll down to the Implicit grant and hybrid flows section. Enable Access Tokens, ID Tokens:
    11_1.png

  13. Click Save to apply changes.

  14. For Client Secret, switch to Certificates & secrets area and create a New Client secret from Client secrets tab:
    12_1.png

  15. Add the description, choose the Client secret expiration period and click Add:
    13_1.png

  16. Copy and paste the Client secret value from the Azure Portal to the Tenant configuration. Please note that the secret value will be decrypted and no longer available if you refresh the page of the Microsoft Azure portal, so make sure to save it to the clipboard:
    14_1.png
    Microsoft Azure Portal: Client secret Value
    08_MS_Exchange_Service_Connection.png
    Enterprise Automation Platform: Client Secret Value in Service Connections Tenant configuration

  17. Go back to the Microsoft Azure portal and grant permissions using API Permissions area. Remove the default configuration and click Add a permission, choose Microsoft Graph:
    21_1.png

  18. Choose Delegated permissions:
    20_1.png

  19. One by one add the following permissions:

    • offline_access

    • SMTP.Send 

    • Mail.Send
      19_1_2.png
      Verify the successfully saved permission status in the Notifications area. 

  20. To finalize the Service Connection configuration, in the Administration area click Setup Authentication:
    09_MS_Exchange_Service_Connection.png

  21. Sign in with your Microsoft SMTP account (mailbox user). For accounts with Multi-factor authentication, choose the necessary authentication method and proceed.
    Accept the requested permissions:
    17_1.png

  22. When Service Connection Authentication has been successfully fulfilled, click Save & Close:
    10_MS_Exchange_Service_Connection.png

Emails settings

To finalize the emailing configuration, in Administration area, open SettingsEdit Global System Settings

11_MS_Exchange_Service_Connection.png

In the Emails view:

  • Enabled: select the checkbox to enable emailing
  • Specify SMPT server according to the email server configuration, e.g. smtp.office365.com:567
  • Verify the Default Sender
  • Enable SMTP Authentication
  • Enable Use SSL option
  • Select Modern Authentication (OAuth 2.0) property
    • Mailbox Email Address: enter an address of an active and available mailbox that is the same as the one registered for your Microsoft Azure Account
    • Service Connection: choose a previously created Service Connection

12_MS_Exchange_Service_Connection.png

Click Done to finalize the configuration and save changes.

Now your Enterprise Automation Platform emailing is working.