All Collections
ADMINISTRATION
Other
Setup Email SMTP Settings with Office365 OAuth2 Authentication
Setup Email SMTP Settings with Office365 OAuth2 Authentication

SecurityStudio supports custom SMTP email settings with Office365 OAuth2 authentication.

Caitlin Fox avatar
Written by Caitlin Fox
Updated over a week ago

Step-by-step

1. Log into https://portal.azure.com/ and navigate to Azure Active Directory.

2. From the left menu, select App registrations.

3. Click > +New registration above the application list.

4. Provide Application Name.

5. Choose Supported Account Types.

6. Click > Register button. You will be automatically redirected to the new application settings page.

7. In the Essentials section at the top of the page, copy the following variables:

  • Application (Client) ID

  • Directory (Tenant) ID

8. From the left menu, select Certificates & secrets.

9. Click > New client secret button.

10. Provide a Description that will help you remember how or where the secret is going to be used.

11. Choose an Expires period.

12. Click > Add button. A new client secret will be generated.

13. Copy the secret BEFORE refreshing the page. Once the page is refreshed, the secret cannot be copied any longer and will need to be entered manually (later).

14. Log into SecurityStudio at https://app.securitystudio.com/ as a user with the SMTP Settings permission.

15. Click > Gear > SMTP Settings.

16. Change the value of Authentication Method field to Office365 OAuth2. That setting is going to use OAuth2 mechanism for authentication when using custom SMTP setting for Office365.

17. Complete the rest of the required fields with the inputs below:

  • Sender Email: Azure AD username that will be used as sender in the emails

  • Client Secret: The generated secret token in the Certificates & secrets section on the Azure application

  • Application (Client) ID: This is the value previously copied from the Essentials section in the created Azure App.

  • Directory (Tenant) ID: This is the value previously copied from the Essentials section in the created Azure App.

18. Click > Save button.

19. Go back to Azure Portal > App Registrations > Your App.

20. From the left menu, select Authentication.

22. Choose Yes for “Allow public client flows”.

22. Click > Save button to apply the changes.

23. From the left menu, select API Permissions.

24. Click > +Add a permission above the list with all assigned permissions.

25. Choose Microsoft Graph in the right panel.

26. Choose API permissions.

27. Select Mail.Send in the Mail section.

28. Select User.Read.All in the User section.

29. Click > Add permissions button. This will add two permissions to the application (see below).

30. The Azure AD Administrator should Grant admin consent for <YourOrganizationName> from the button above the assigned permissions.

31. Go back to SecurityStudio > SMTP Settings.

32. Click > Test button.

If everything is configured correctly, a green success message will display.

If there is a problem with the configured settings, a red failure message will display.

Did this answer your question?