[Tutorial] Connecting Frappe/ERPNext to Microsoft 365 mail services OAuth

Firstly, thanks a ton. This is the first guide that seems to make the functionality work!
I am able to fetch now for a 365 user.

My question is how do we use this to configure emails like sales (sales@domain.com), job which don’t directly map to particular ERPNext users. Do we just create fake users for them in ERPNext or is there a way to may those email to some other user from sales team?

Thanks agiain for your help

It should be no problem to configure generic emails. Try configuring the Email Account as follows:

1. Email Address: “sales@example.com”
2. Connected User: “system-manager@example.com”
3. Make sure you’re logged out from microsoft with your personal account
4. Click “Authorize API Access” and log into microsoft as sales@example.com

Once the Email Account is authenticated, you can grant any user access to this email account via their User DocType.

I am configuring everything the same, but I get this error when I try to connect. Do you know what could be happening?

image907×401 9.4 KB

This is brilliant @avc. Thank you so much.

I was able to follow thru the steps and don’t face any issues till I reach the state where I have setup a new email account for a person based on OAuth. Here it gives me the error Invalid Credentials, Please check your email login credentials.

I cannot figure out what credentials is it referring to.

Please guide.

Hi @muslimaziran:

Is this mail account linked to a connected app?

Yes,
so first I created a M365 user with the email address that I am interested to use as a default sending email in ERPNext. Then I created a user with the same email address in ERPNext. On logging in as this user I went to the conneted app and used the Connect to M365 (name of app). It asked me to log into the M365 account, I successfully logged into the account.

Then I created the email address for the same user but it gives the above error.

Try creating Email Domain and inherit from it into Email Account.

Thanks for this in-depth tutorial! It sums up perfectly what I found out by searching multiple threads and issues. The official documentation on this topic is basically useless or not existing! Maybe we can extend it a little further and place it in the official frappe docs?

Anyways, I still have issues with the integration of emails with Office365 and ERPnext/frappe.

We use the Security Defaults provided by Microsoft, which state to “Block legacy authentication methods, such as SMTP Auth”… see: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults#block-legacy-authentication-protocols

Did anybody get the email sending to work with Security Defaults enabled? Or am I required to use a Mail Connector for sending? see https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-3-configure-a-connector-to-send-mail-using-microsoft-365-or-office-365-smtp-relay

Thanks!

Is it this step discussed here? [Tutorial] Connecting Frappe/ERPNext to Microsoft 365 mail services OAuth - #4 by rmeyer

Hi:

I was able to sending through SMTP even without OAuth … it’s still working disabling Security Defaults and probably it will works for a long time …)

Also is possible to activate/deactivate SMTPAuth on certain accounts (via Powershell)

Anyway … STMPAuth isn’t needed since OAuth was implemented …
Hope this helps.

Nope, that was not the issue.
I created a new connected app and now its working.
I followed the tutorial step by step. Maybe i missed something in the first run.

Great tutorial. Please move it over to the official docs for Connected Apps in Frappe

@avc I follow all your steps and my incoming email is working completely fine but when I enable outgoing I am getting this error I can’t find where it was gone wrong

Screenshot 2023-08-08 at 10.30.09 PM759×187 13.5 KB

Hi:

Check the permissions of your M365 user.
Can use SMTP?

Hope this helps.

I did OAuth for Office 365 and after It didn’t required to enable or disable SMTP AUTH but when I enable outgoing i got this error

Screenshot 2023-08-09 at 11.15.20 PM1238×116 16.4 KB

Hi:

Have you checked this?

But for that I need to disable security defaults that is not possible.
and it’s mandatory to enable SMTP AUTH ?

Hi:

You can enable SMTP AUTH for specific mailbox

@avc Thank you for the help now it’s working

First of all: Thanks for the straight forward turorial!

I followed the guide but I’m still receiving an error when I try to enable Outgoing Mails.
On saving the Email Account I receive the following error message:

Here the Traceback:

Traceback (most recent call last):
  File "apps/frappe/frappe/email/smtp.py", line 111, in session
    Oauth(_session, self.email_account, self.login, self.access_token).connect()
  File "apps/frappe/frappe/email/oauth.py", line 48, in connect
    self._connect_smtp()
  File "apps/frappe/frappe/email/oauth.py", line 75, in _connect_smtp
    self._conn.auth(self._mechanism, lambda x: self._auth_string, initial_response_ok=False)
  File "/usr/local/lib/python3.10/smtplib.py", line 662, in auth
    raise SMTPAuthenticationError(code, resp)
smtplib.SMTPAuthenticationError: (451, b'4.7.0 Temporary server error. Please try again later. PRX5 

Do you have any ideas what might be the cause of that error?