Configuring access to exchange 365 with oauth authentication. How to debug
Hi all,
i'm following this guide https://academy.creatio.com/docs/8.x/no-code-customization/base-integrations/microsoft-email-contacts-and-calendar/set-up-the-ms-exchange-and-microsoft-365-services#title-192-1 to configure access to an exchange 365 mailboxy, by oauth authentication.
Exchange side configuration has been already carried out and i have configured clientid and secret on creation (i've configured tenantid too which is not mandatory but i think it should be).
Whenever i try to associate a mail to the mailbox service i've configured i'm redirected to a microsoft page prompting me for a login: https://login.microsoftonline.com/common/oauth2/authorize
This puzzles me because in client credentials authorization no login should be asked to the user. In order to figure out where the issue is i would normaly trace the rest call made by creatio to obtain the token i invoke graph api. Sadly i couldn't figure out at all how to do this or if it is even possible.
Do you have any suggestion on how i can debug this scenario or similar ones where i have to check api call made by creatio?
Thanks
Like
Roberto Binda,
What you're describing will work (having the system start a process every time an email is received in that mailbox or even auto sending emails from that mailbox in the background - all independent of users accessing the system). You just need to add the mailbox first. The credentials is only needed initially add the mailbox. Accessing any mailbox does require credentials, which is what gives the mail server context as to which mailbox is being accessed.
If this is some system mailbox that will be used for automated messages, there still is a user context to get access to the mailbox. What I often do is add that as an admin level user in Creatio. Once added, Creatio will continue to retrieve or send email via that mailbox regardless of whether that admin level user ever logs into Creatio again. The mailbox will be available to use in processes etc.
When you set up OAuth for Office365/Exchange mailboxes, it doesn't mean that no login info is asked of the user. It only means that Office365/Exchange is who asks for the login info of the user, not Creatio. The expected behavior is that a user adds their mailbox, they get redirected to the Exchange/Office365 login to authorize Creatio to use the mailbox, then redirected back to Creatio. If the user is already logged into their mailbox in the browser, they will not be asked to log in again and will only see the screen to authorize Creatio to use the mailbox.
Ryan
Ryan Farley,
Hi Ryan, thank you for your feedback. I guess i gotta go back to the accademy because i really didn't figure out this mimic. I thought, since we were setting up a client credentials oauth flow, that it was a machine to machine integration. Without the need for a user to input any password (which in my scenario isn't even known). If a user authentication is required to obtain a token that persist in the session i don't see how it would be possible to create automated and unattended processes that receive and sends from this mailbox. Above all what i'm trying to accomplish is to have a business process to start automatically every time a mail is received in the mailbox (independently by the users logged in the system). At this point it's hard for me to understand if it is even possible with out of the box features.
Roberto Binda,
What you're describing will work (having the system start a process every time an email is received in that mailbox or even auto sending emails from that mailbox in the background - all independent of users accessing the system). You just need to add the mailbox first. The credentials is only needed initially add the mailbox. Accessing any mailbox does require credentials, which is what gives the mail server context as to which mailbox is being accessed.
If this is some system mailbox that will be used for automated messages, there still is a user context to get access to the mailbox. What I often do is add that as an admin level user in Creatio. Once added, Creatio will continue to retrieve or send email via that mailbox regardless of whether that admin level user ever logs into Creatio again. The mailbox will be available to use in processes etc.
Ryan Farley,
Than you Ryan, i've got a clearer picture now. Your feedback was really helpful