[Tutorial] Connecting Frappe/ERPNext to Microsoft 365 mail services OAuth

muslimaziran · July 20, 2023, 2:50am

avc · July 20, 2023, 6:29pm

Is this mail account linked to a connected app?

muslimaziran · July 21, 2023, 1:48pm

Yes,
so first I created a M365 user with the email address that I am interested to use as a default sending email in ERPNext. Then I created a user with the same email address in ERPNext. On logging in as this user I went to the conneted app and used the Connect to M365 (name of app). It asked me to log into the M365 account, I successfully logged into the account.

Then I created the email address for the same user but it gives the above error.

revant_one · July 21, 2023, 2:49pm

Try creating Email Domain and inherit from it into Email Account.

thomasr · July 26, 2023, 2:35pm

Thanks for this in-depth tutorial! It sums up perfectly what I found out by searching multiple threads and issues. The official documentation on this topic is basically useless or not existing! Maybe we can extend it a little further and place it in the official frappe docs?

Anyways, I still have issues with the integration of emails with Office365 and ERPnext/frappe.

We use the Security Defaults provided by Microsoft, which state to “Block legacy authentication methods, such as SMTP Auth”… see: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults#block-legacy-authentication-protocols

Did anybody get the email sending to work with Security Defaults enabled? Or am I required to use a Mail Connector for sending? see https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-3-configure-a-connector-to-send-mail-using-microsoft-365-or-office-365-smtp-relay

Thanks!

revant_one · July 26, 2023, 9:33pm

Is it this step discussed here? [Tutorial] Connecting Frappe/ERPNext to Microsoft 365 mail services OAuth - #4 by rmeyer

avc · July 27, 2023, 3:03pm

Hi:

I was able to sending through SMTP even without OAuth … it’s still working disabling Security Defaults and probably it will works for a long time …)

Also is possible to activate/deactivate SMTPAuth on certain accounts (via Powershell)

Anyway … STMPAuth isn’t needed since OAuth was implemented …
Hope this helps.

thomasr · July 28, 2023, 6:35am

Nope, that was not the issue.
I created a new connected app and now its working.
I followed the tutorial step by step. Maybe i missed something in the first run.

Great tutorial. Please move it over to the official docs for Connected Apps in Frappe

Khushal · August 8, 2023, 5:00pm

@avc I follow all your steps and my incoming email is working completely fine but when I enable outgoing I am getting this error I can’t find where it was gone wrong

avc · August 8, 2023, 6:46pm

Hi:

Check the permissions of your M365 user.
Can use SMTP?

Hope this helps.

Khushal · August 9, 2023, 6:06pm

I did OAuth for Office 365 and after It didn’t required to enable or disable SMTP AUTH but when I enable outgoing i got this error

avc · August 9, 2023, 9:51pm

Hi:

Have you checked this?

Khushal · August 10, 2023, 8:44am

But for that I need to disable security defaults that is not possible.
and it’s mandatory to enable SMTP AUTH ?

avc · August 10, 2023, 10:05am

Hi:

You can enable SMTP AUTH for specific mailbox

Khushal · August 17, 2023, 9:24am

@avc Thank you for the help now it’s working

ophl55 · August 22, 2023, 1:11pm

First of all: Thanks for the straight forward turorial!

I followed the guide but I’m still receiving an error when I try to enable Outgoing Mails.
On saving the Email Account I receive the following error message:

Here the Traceback:

Traceback (most recent call last):
  File "apps/frappe/frappe/email/smtp.py", line 111, in session
    Oauth(_session, self.email_account, self.login, self.access_token).connect()
  File "apps/frappe/frappe/email/oauth.py", line 48, in connect
    self._connect_smtp()
  File "apps/frappe/frappe/email/oauth.py", line 75, in _connect_smtp
    self._conn.auth(self._mechanism, lambda x: self._auth_string, initial_response_ok=False)
  File "/usr/local/lib/python3.10/smtplib.py", line 662, in auth
    raise SMTPAuthenticationError(code, resp)
smtplib.SMTPAuthenticationError: (451, b'4.7.0 Temporary server error. Please try again later. PRX5

Do you have any ideas what might be the cause of that error?

avc · August 22, 2023, 3:36pm

I’ve never faced this error, but …

Take a look here.

ophl55 · August 23, 2023, 9:41am

@avc Thanks for the hint. It worked out to authenticate with a user that has only the role “Global Admin”.

I now receive the error 535 5.7.3 Authentication unsuccessful while trying to enable outgoing email for a shared mailbox.

Traceback (most recent call last):
  File "apps/frappe/frappe/email/smtp.py", line 111, in session
    Oauth(_session, self.email_account, self.login, self.access_token).connect()
  File "apps/frappe/frappe/email/oauth.py", line 48, in connect
    self._connect_smtp()
  File "apps/frappe/frappe/email/oauth.py", line 75, in _connect_smtp
    self._conn.auth(self._mechanism, lambda x: self._auth_string, initial_response_ok=False)
  File "/usr/local/lib/python3.10/smtplib.py", line 662, in auth
    raise SMTPAuthenticationError(code, resp)
smtplib.SMTPAuthenticationError: (535, b'5.7.3 Authentication unsuccessful [FR0P281CA0179.DEUP281.PROD.OUTLOOK.COM 2023-08-23T09:34:01.401Z 08DBA2DDBD7BF410]')

UPDATE:

This error could be resolved by following the procedure described by @rmeyer in [Tutorial] Connecting Frappe/ERPNext to Microsoft 365 mail services OAuth - #6 by rmeyer

avc · August 23, 2023, 9:55am

Hi @ophl55:

Maybe should activate SMTP for your mailbox.

ophl55 · August 23, 2023, 9:57am

Yes, SMTP is enabled for single mailboxes as decribed earlier in this post.

Thanks for your help. Now it is working as expected.