Can any one help me to integrate Microsoft 365 mail services OAuth
i tried for 3 days but i didnt reach my goal
i will be thankful if anyone helps me to do it
I have made it far enough that the Microsoft 365 account sends mail out correctly, however I am still not receiving emails into the system. I’m not sure if there is a place to look for the incoming mail error logs, but I have added the scope IMAP, and authenticated correctly with Oauth.
Any ideas where I can narrow down why incoming mail isn’t showing? I like the idea of having contacts added automatically.
You must configure this within E-Mail Account Settings.
If anyone reply to your offer or something like that it should be arrive within ERPNext.
It would be better if you configure the E-Mail Address within your customer.
Hi @avc,
Thanks for the tutorial.
When trying to add the application permission for Office365 Exchange Online, I cannot find it. When Googling, it apparently is because I haven’t got an Entra P2 / AAD P2 subscription. But that increases the per-user cost by 2x. This should be doable without having to upgrade to AAD P2, right?
Getting stuck here 
Also, when ignoring the above and then following all the steps, I get the following error when connecting the email account with the user:
AUTHENTICATE command error: BAD [b"[CLIENTBUG] syntax: expecting ‘p’, found ‘x’"]
Does that have to do with it, or is this something else?
Thanks for the help. Would love to receive guidance here.
Edit: after double-checking the email account settings (TLS/IMAP checkboxes). It seems like it works.
Tried the same steps you defined but there is a server error and more over there is some imap4.lib.error
From the connected app method i got this error:
Traceback (most recent call last):
File “apps/frappe/frappe/app.py”, line 114, in application
response = frappe.api.handle(request)
File “apps/frappe/frappe/api/init.py”, line 49, in handle
data = endpoint(**arguments)
File “apps/frappe/frappe/api/v1.py”, line 36, in handle_rpc_call
return frappe.handler.handle()
File “apps/frappe/frappe/handler.py”, line 49, in handle
data = execute_cmd(cmd)
File “apps/frappe/frappe/handler.py”, line 85, in execute_cmd
return frappe.call(method, **frappe.form_dict)
File “apps/frappe/frappe/init.py”, line 1768, in call
return fn(*args, **newargs)
File “apps/frappe/frappe/utils/typing_validations.py”, line 31, in wrapper
return func(*args, **kwargs)
File “apps/frappe/frappe/integrations/doctype/connected_app/connected_app.py”, line 172, in callback
frappe.throw(_(“Invalid state.”))
File “apps/frappe/frappe/init.py”, line 645, in throw
msgprint(
File “apps/frappe/frappe/init.py”, line 610, in msgprint
_raise_exception()
File “apps/frappe/frappe/init.py”, line 561, in _raise_exception
raise exc
frappe.exceptions.ValidationError: Invalid state.
Guide me whats the issue with it.
Hi,
thank you for the comprehensive instruction.
Unfortunatley I did not get it working, although I think it might be not Frappe related. But I need a second opionion for clarification. 
When I am logged in as Administrator and navigate to E-Mail-Account and click on API Authorize button, I get the M365 Authentication presented. After that I get a Frappe window saying “The ressouce is not available”.
When I look into the Sign-In log of the M365 application: it says the login was successfull.
But what resource is meant here and how do I troubleshoot that?
I would be thankfull for any idea!
Best regards,
Marcus
you are trying to authorize api access with an admin user who is not registered the email setup. I got the same error at least when hitting the authorize api access button. solved by using an account connected to the setup to authorize, not admin user.
+20 1111817748
contact me on whatsapp i have the solution
Hey everyone, been having these problems as well. Managed to get a “no-reply” email working with M365, however my problem is that after a while (between 2h and 24h) it seems that the email account “loses” access to the API authorization, and I need to do the “Authorize API Access” loop again, otherwise it does not send out emails from Frappe. Any one has an idea about this?
Hi @PedroJACorreia:
Seems refresh token is not being generated …
Check your connected app doctype.
See this docs too:
https://frappeframework.com/docs/user/en/microsoft-email-oauth#service-principal-authentication
Hope this helps.
Hi avc, thanks for the quick reply.
Is there a way to force the token generation? Mine is being generated, but the problem persists; once I “Authorize API Access” in the email account menu for my no-reply account, it works just fine. But after a certain amount of time (1-2 hours) it seems to lose connection to M365 and asks for the “Authorize API Access” again. Doing it again makes it work again for a short time, then rinse and repeat.
I don’t have the “Authenticate as Service Princpal” checkbox as the documentation suggests. Is there something I’m missing?
Check your Token Cache. It needs to have refresh_token field populated. To obtain refresh token offline_access scope is required.
Not related to Microsoft, some providers may make it mandatory to “verify app” or set it up “production mode” to start obtaining refresh tokens.
2 Likes
We had App created from both the OAuth settings and Connected Apps. We deleted one from the OAuth page and kept the one from Connected Apps. Also make sure that, you are logged in with the same user and not as Admin. This shall work. Excellent work by Frappe with this connector.
Hello @avc,
do you know why i get the error “DNS_PROBE_FINISHED_NXDOMAIN” if i would like to api authorisation a new e-mail account?
Regards
Kevin
I had the same problem before and fixed it by checking the settings below in the Azure connected app settings. Might be worth a try.
Hey everyone,
I followed the tutorial provided by @avc and it works, nice thank you!
However I also want to connect my shared mailbox like @rmeyer proposes in his comment but in the current version of ERPNext v15 the Authorize API Access Button is gone…
Is there any workaround yet?
Edit: It was too late I guess… just click on save and it appears…
Hey guys,
We always encounter this error even though we’ve configured everything as per the setup:
“Please check your email credentials. smtplib.SMTPAuthenticationError: (451, b’4.7.0 Temporary server error. Please try again later. PRX5 [FR0P281CA0189.DEUP281.PROD.OUTLOOK.COM 2024-12-16T23:06:25.873Z 08DD1D73933D3035]')”
Feedback would be appreciated and is much needed!
I was able to make this work using exactly the steps described at the beginning of this post by @avc . THANK YOU SO MUCH!!!
The one thing I will add is that there appears to be two ways to set up the users:
- Set up each user’s inbound/outbound servers.
- Set up an Email Domain and use that for each user.
I chose option 2 because it is much simpler on a per user basis.
I had a lot of trouble getting O365 to accept the server setup so here are the steps I took to:
In Azure go to admin.microsoft.com → Show all → Exchange to get to the Exchange admin center. In the Exchange Admin Center select Mail Flow → Connectors and set up an email connector to allow your Frappe server to send email via the SMTP gateway.
I chose to use the IP address method for verification but if you can use a certificate. The IP address is the public IP address of the server.
This did not work for my dev environment on my PC because my ISP blocks the SMTP ports needed to make this work. It only worked in my hosted environment.
In Frappe, I went to Email Domain and created a new email domain with these settings:
If this works, you will get a successful “Save” right away.
Finally, when I set up the user I used the Email Domain from above and selected the inbound and outbound options with “Disable SMTP server authentication” checked.
Hope this helps someone else.
1 Like