Google SMTP using OAuth2 since september 30 will be deprecated the less secure app function

Hi. Since Google announced that will no longer allow Less Secure App authentication for SMTP or IMAP connection using Google Workspace starting the next 30 of september, I think will be very useful to create a tutorial like this: How to configure a Microsoft OAuth Provider :: SuiteCRM Documentation
to achieved that being Google Workspace one of the most common service provider of Mail Hosting in the world.

I will make it, starting today but any help or corrections will be very appreciated.

2 Likes

I’ve been using an app password for my regular gmail account. Are they doing away with both less secure apps AND app passwords?

1 Like

It seems that kind of method is still allowed: Will "Application Passwords" still be supported after September 30 2024? - Google Account Community
Still, I will try to connect through the mentioned method because eventually will be the only way to interact with the google workspace account of the users who only work with that provider.

1 Like

Hi. Thanks much for your post and for your plans to create a tutorial for how to configure a Google Workspace OAuth provider. My company has just started using SuiteCRM and will need your tutorial. Please let me know if I can assist you as you develop this guide or test it. Thanks again!

Hi… I will try to divide this “tutorial” (mostly a collaboration post) in three parts, this first one is related with the creation of the credentials for the API interaction in the Google Cloud Platform.

I am assuming that you have a Google Workspace account and a Google Cloud Console account, otherwise, you can follow this tutorial:
Google Workspace: Sign up for a free Google Workspace trial  |  Google Workspace Knowledge Center
Google Cloud Platform: Google Cloud Documentation

Once you have a fully functional account in Google Cloud Platform follow the next screenshots:

Go to the site https://developers.google.com/oauthplayground

The next post will use these tokens and ids to try to make a OAuth Provider in SuiteCRM.

3 Likes

In case anyone is wondering the reason why google is stopping “less secure apps”, it’s because these are apps (phone, PC, web, or server apps) which save your actual google account password in clear text, and use transmit it to google to login and send/receive mail (or perform actions with other areas of your google account). Saving your cleartext password in many “less secure apps” is incredibly risky. This is why the upgrade to app passwords, and OAuth2.

1 Like

Thanks much, davidmov, for posting the first of these three posts. I followed your steps in this post and all worked well.

Are you still planning to post the next two parts? I would appreciate that.

I believe your plan for the next post was to show how to make a OAuth Provider in SuiteCRM.

Hi… Sorry for the delay, but it didn’t work the first time I tried it and then I got into a time-consuming project. But I have to finish this tutorial, after all, I have no other choice since my email provider is Google Workspace, so…
I will give it a try this weekend.

No apology necessary! Thanks for your help preparing these guides!

Hi boss,
Do you have any update ?
I’m so deep in struggle

What issues you have? Did you turn on less secure app on the google?

Hi… unfortunately no, I managed to make some testing using Google’s PHP API library and I was able to connect with OATH2 method and retrieve and read all my emails. But my company decided to migrate to Microsoft Office 365 subscription due to cost reduction and now I don’t need to connect SuiteCRM with Google Workspace anymore and I don’t have time to continue with the tutorial at least for this year.

You’re going to regret that! With Google you can install Yahit integration to push/pull emails/contacts right from Gmail, its super convenient. The integrations available for O365 are not as robust or convenient. What’s going to happen (ask me how I know). Is that your reps will use O365 in box as their CRM rather than SutieCRM. They do this because there is no really good solution to integrate the two. (I know there are plugins but they leave alot to be desired). You’ll forever be trying to get them to use the CRM and they will just tell you that’s it’s all in their in box (in like 5000 folders!) and trying to use the CRM is just too much work.

I know, it wasn’t an easy choice, Google is superior to MS in many ways, but it costs more than double the same initial plan from Microsoft, it was a more a financial decision.

https://store.suitecrm.com/search/1/365/


Unfortunately is not possible anymore from September 30, 2024 to turn on less secure app on google.
So i suppose all the new user will go through the same struggle.
And despite my love for open source, we can’t afford struggling that much to connect a user email it looks insane for management.
So we’ll probably allocate a budget for a CRM and lost our data sovereignty :skull:

Less secure apps is not required. All that is required is using an app password to use gmail

After rage quit, i re-install suitecrm and many thanks @pstevens
just follow Using Google App Passwords to connect SuiteCRM to Gmail :: SuiteCRM Documentation
And it will works after September 30, 2024
I’m very Happy

That’s awesome! I didn’t know that we have this in the doc

Hello. I want to share something with you guys. My company decided to continue working with Google after almost a month and a half of nightmares with Microsoft support and the migration process. Therefore, I will have to continue with the process of this tutorial. Just one question: do the less secure applications no longer work?