If you're seeing a "Need admin approval" or "Approval required" message when trying to connect your Outlook or Office365 email, or if you're being prompted with IMAP/SMTP options instead of the expected OAuth dialog, it means your Office365 Admin has enabled advanced security settings in Azure Active Directory (Microsoft's cloud-based access management system) to restrict access to third-party applications like Event Temple.
About IMAP/SMTP Prompts: The IMAP/SMTP prompt appears as a fallback mechanism in Event Temple when the OAuth (Microsoft Graph) connection fails. This failure typically occurs because admin consent in Microsoft Azure has either expired or been revoked. Microsoft requires IT admin approval to authorize third-party applications like Event Temple to access email accounts securely.
How to Resolve OAuth Connection Issues:
When you see the Microsoft approval request dialog in the integration setup, click "Request approval" to notify your IT administrator.
Wait for your IT admin to approve the request for Event Temple to access your email account. The permissions requested are standard and necessary for proper email functionality.
Once approval is granted, reauthorize your email account in Event Temple by going to Settings > Personal Settings > Email and clicking "Authorize" again with your full email address.
Note: If your organization granted Admin Consent in a prior year, it may need to be refreshed. Microsoft tokens can expire or be invalidated by updated security settings. In that case, your admin will need to repeat the consent process as outlined below.
How Your Email Administrator Can Change Permissions
How Your Email Administrator Can Change Permissions
Your email administrator will need to create a new session and sign into the application as an admin user to grant permission.
To adjust the Need Admin Approval:
Go to the Azure Active Directory admin center.
Go to Enterprise applications > User settings.
There are two settings that control the authentication for the user.
Users can consent to apps accessing company data on their behalf
Users can consent to app accessing company data for groups they own
Toggle both to yes if you want users to authenticate themselves or toggle both to no to require administrative permission.
Request admin consent:
1. Sign in to the Azure portal as a Global Administrator.
2. Enterprise Applications > User settings' page
2. enable "Users can request admin consent to apps they are unable to consent to"
3. register some trusted user who has an email inbox as a reviewer by pressing the "+ Add users" button.
4. press save.
Approval Required Depending on the authorization given by the Email administrator, the below notification may appear
When you reach the "need admin approval" page, the user will need to request approval
Microsoft will send an email to the email administrator for the request - they'll need to press 'approve' in the email sent by Microsoft - this has now approved the user to connect to Event Temple
In Event Temple, the user will need to re-authorise their email once more now that the email admin has given approval:
Go to Settings > Personal Settings > Email in your Event Temple account
Click "Authorize" again, ensuring you use your full email addressl
Additional Information See this article from Microsoft for further details. If IMAP/SMTP prompts persist after completing the approval steps, it may indicate additional security restrictions or configurations in Azure that your IT team needs to address. The permissions requested by Event Temple are necessary for proper operation and are aligned with standard integration demands for email syncing. If you are still having troubles, please reach out to your relevant IT department, or Microsoft directly to ensure there are no other security settings that need updating.