It is already built in to Suite * and works nicely.
See the OAuth sections under Admin.
It’s been in since at least 7.10
I use it on 7.11.21
7.12 fixes a bug with it when using PHP8
@DJuser how can we use the OAUTH sections to setup inbound M365 email accounts to use modern authentication protocol (based on OAUTH2) instead of standard IMAP basic authentication. I can see this is supported as SugarCRM Microsoft connector on SugarCRM, does SuiteCRM have something similar?
The OAuth sections are in admin:
- OAuth Keys
- OAuth2 Clients and Tokens
Can you talk us through, how you configured the settings there - and where did you see a problem (show screenshots of your problem).
1 Like
Hi @DJuser ,
thank you for your feedback. I am aware of these sections in Administration part of CRM, but I think these 2 sections are used to setup OAuth for API exposed from SuiteCRM (incoming requests direction). If you want some client to be able to connect to SuiteCRM API you are setting OAuth options in this administration section.
What I am trying to do is setup all inbound email accounts to connect to Microsoft 365 using OAuth2 authentication, instead of standard IMAP basic authentication.
When looking at at available inbound email configuration options, we have following:
There is no option to enter the M365 authentication server endpoint or anything related to OAuth authentication for inbound emails. I can see Sugar has a Microsoft connector available, is something like this available as a plugin or a native SuiteCRM functionality:
3 Likes
Hi,
I am also facing this problem, how to be able to set up outgoing and incoming emails with office365, instead of the current SMTP with the new OAuth connection method.
It seems to me that in Sugar there is a possibility.
Will it be implemented soon in SuiteCRM as well?
Thanks
3 Likes
Hi,
We are also looking for the functionality to configure O365 email addresses using modern authentication, Microsoft will disable IMAP basic authentication on 1 October 2022 and this will impact on many customers using Inbound email to case creation and campaigns.
We have configured Client ID and Client Secret in OAuth Keys but still no option available to use modern authentication in Inbound email configuration. (see below screenshot)
Can anyone have already worked on this and made this available on SuiteCRM.
I don’t use Office365 but just so I understand the requirement, what is missing in SuiteCRM in order to use this new authentication?
Is it a new field in the email account configuration, some key that needs to be sent to server?
In SuiteCRM we do not have Microsoft connector to configure Client ID and Client Secret, whereas it is available in SugarCRM version 10.0 and higher.
Once you configure Microsoft connector and enable it, on the email configuration section you will get Microsoft Exchange option which allow you to authenticate O365 Email addresses directly from O365, no need to enter and save password in the CRM.
Below link from SugarCRM.
https://support.sugarcrm.com/Knowledge_Base/Connectors_Integrations/Integrating_With_Microsoft_for_Admins/#Configuring_Sugars_Microsoft_Connector
I’m not sure how complex that would be, but I wonder if something simpler wouldn’t be achievable without a full “connector” that skips authentication in SuiteCRM.
Just some field for a key in the email configuration, so you can use the accounts as before! Shouldn’t be too hard…
this is a major issue and prevents any use of suitecrm if this can’t be fixed. is there an update?
1 Like
I wouldn’t be sure that anyone in SalesAgility is going to be looking at this any time soon. My guess is that they will do so if pushed by one of their clients, if not, they will focus one of the other 1000 things on their work list. Fair enough.
This is the sort of thing that the Community can solve, people need to get together and try to find ways to make this work with tweaks to the existing code.
I wouldn’t think of this in terms of a “Connector”, or any fancy new functionality, I would just focus on the hurdle of getting OAUTH2 authentication to work. SuiteCRM uses something called PhpMailer, we probably need to add a special case in there at the moment it’s authenticating. Perhaps this will require some additional field on screen, in the UI. But it shouldn’t be terribly difficult.
People can get together and pay a developer for a few hours of work cracking this problem [not me, I’m not free at the moment].
Have you guys tried app passwords?
I’ve already mentioned on my response how to achieve that.
Yes, you’ve mentioned it in the other thread, that’s why I came here to let other people know about it, and linked to your reply 
App Passwords use Basic Auth so they won’t help. Ie they’ll also be disabled in October+
Ref. first para of this article from MS date 7/1/2022: Deprecation of Basic authentication in Exchange Online | Microsoft Docs
Hi @sravanitedla , are there any updates on this issue? Any progress that’s been made to allow OAuth access to Microsoft Exchange? Thanks.
Hi there, has anyone anything new on this subject?
Hello, we moved all email to AWS SES relay services. Took a few minutes to config and few days to get AWS to approve our use case (they are strict on ensuring policy compliance).
Best thing that we ever did. All our email now goes via this service. We do not (at this time) have any need for inbound email to SuiteCRM. For which we will need a MS API Graph solution.
so how does your
So how does your team check email inside suitecrm, or they just don’t do that?
Hello, currently we cannot accept inbound email to SuiteCRM, it only goes as far as O365. We utilise SuieCRM workflow, and also take all data out of SuiteCRM hourly and analyse in Qlik Sense, where we have added more workflow and alerts to ensure that in conjunction with our ticketing system we can create contiguous and automated processes. For example, our contracts processes are initiated in SuiteCRM but analysed in Qlik Sense and this alone has 250 possible stages, which we process map and visualise in a Qlik Extension.
Sorry if this is more than you expected by means of a response.