OAuth Authorization Issue

Hello, I am trying to convert our incoming mail from Exchange/O365> Basic to Open Authentication (OAuth). I have followed all the steps provided (Configure an incoming e-mail account for Office 365 (solarwinds.com))to register the Web Help Desk app to our Azure as an application. The issue I am running into is when I input the Tenant ID, Client ID and Secret ID and click on Authorize for the incoming account I and configuring it seems to take my e-mail credentials instead of the e-mail address I configured for the incoming mail accounts. This is even through the steps when it ask me for which account I am authorizing, I put in the incoming email account, but still uses my credentials, hence looks into my inbox and processes the email in my inbox instead of the incoming email account. 

Just to add, we use SSO in our environment so when I log into WHD, it uses my AD credentials. So I don't know if this is the reason why the Authorization is using my account. If it is is there any way to bypass this?

What am I doing wrong?

Parents
  • We just went through this and there are a few "gotchas" if you aren't careful. Thank you to the other commentators for helping us on our way. This is being written out to be explicit about all the steps we had to go through and assumes you have read the "Configure an incoming e-email account" instructions. Our setup sounds like the OP's with Azure.

    The email account has to exist in the directory (apologies, this is outside my area) because they need to register as a Client.

    e.g. WHD_Email1@hotmail.com

    1. Open an Icognito browser
    2. Enter as the email account (WHD_Email1@hotmail.com)
    3. Complete the Client Profile, add First Name, Last Name, and most importantly Email
    4. Submit a ticket to force the Client identity to work through WHD (probably not required but done to pass the Client credentials through everything)
    5. Logout of WHD (but stay in the Icognito browser)

    From another browser, or even another person, enter WHD as Admin and add a new Admin linked to WHD_Email1.

    In the Incognito browser, enter WHD and it should pass through to the Tech view. (No passwords or login information required, it has read the User's identity from the webpage.)

    As the Admin WHD_Email1, setup the Incoming Email.

    1. Change from Basic to OAuth.
    2. Add Tenant ID, Client ID, Client Secret from portal.azure.com.
    3. Make sure the DNS, Port and Reply Redirect are configured correctly within Azure (beyond my knowledge).
    4. Click Authorize twice, which will then open a validation prompt where you sigin with the WHD_Email1@hotmail.com credentials.
    5. Approve
    6. Save.

    If during this process you end up resetting the password for the account, you need to update the SMTP password.

    Rinse and repeat for each email account that needs to be configured.

    Cheers.

Reply
  • We just went through this and there are a few "gotchas" if you aren't careful. Thank you to the other commentators for helping us on our way. This is being written out to be explicit about all the steps we had to go through and assumes you have read the "Configure an incoming e-email account" instructions. Our setup sounds like the OP's with Azure.

    The email account has to exist in the directory (apologies, this is outside my area) because they need to register as a Client.

    e.g. WHD_Email1@hotmail.com

    1. Open an Icognito browser
    2. Enter as the email account (WHD_Email1@hotmail.com)
    3. Complete the Client Profile, add First Name, Last Name, and most importantly Email
    4. Submit a ticket to force the Client identity to work through WHD (probably not required but done to pass the Client credentials through everything)
    5. Logout of WHD (but stay in the Icognito browser)

    From another browser, or even another person, enter WHD as Admin and add a new Admin linked to WHD_Email1.

    In the Incognito browser, enter WHD and it should pass through to the Tech view. (No passwords or login information required, it has read the User's identity from the webpage.)

    As the Admin WHD_Email1, setup the Incoming Email.

    1. Change from Basic to OAuth.
    2. Add Tenant ID, Client ID, Client Secret from portal.azure.com.
    3. Make sure the DNS, Port and Reply Redirect are configured correctly within Azure (beyond my knowledge).
    4. Click Authorize twice, which will then open a validation prompt where you sigin with the WHD_Email1@hotmail.com credentials.
    5. Approve
    6. Save.

    If during this process you end up resetting the password for the account, you need to update the SMTP password.

    Rinse and repeat for each email account that needs to be configured.

    Cheers.

Children
No Data