Emails with OAuth
Available from version 2.7.7 only!!!
From iTop 2.7.7, you get another type of Mailbox to connect to
Gmail and Azure using OAuth2.
To allow iTop to send email notification through a mail server using OAuth authentication, such as Microsoft Azure or Google Gmail, you must
create a new iTop
OAuth clientobject to put in place this connection,
and change a few entries in the Configuration file
iTop OAuth client
Get from Provider
You must first get the following information from you mail provider
login: which is in general your email address. It must be unique, you cannot create 2 OAuth clients with the same login.
client id: a long string of characters
client secret: another long string of characters
Under the menu Configuration / OAuth client, create a
OAuth client object, .
|Usage of the field
|Your email address. If you have 2 OAuth
clients with the same login, only one can have the
Used for SMTP to “Yes”
no access token /
Access token generated
|Hardcoded based on the type of OAuth client chosen
|This url must be entered in OAuth2 configuration on the provider side, to authorize interactions between applications
|a long string of characters provided by your OAuth2 provider
|another long string of characters provided as well by your OAuth2 provider
|Explicit which scope definition will be used. It's
Simple by default and
Advanced as soon as
Advanced scope contains something
|Select predefined scopes, which will be translated
according to the OAuth class (provider)
If you need other scopes, then use the
|When predefined scopes are not
applicable/sufficient. Should be used with care by experts.
As soon as you enter something here it takes precedence on the
Scope selection which is then ignored.
|Used for SMTP
|At least one OAuth client must have this flag to “Yes”, if you want iTop to use it for sending mails (see configuration below)
Also the same information must be provided for Azure and Gmail, they use different connection protocols behind, which is why we have different class of object. In the future, other providers may come up with another OAuth implementation and a new iTop class will have to be developed for it.
Once you have created one or multiple OAuth clients, if one of
those clients is having a login which matches the Configuration
email_transport_smtp.username, then when
opening it, you see that it is the one used by iTop for sending
When opening the Test utility, you see immediately which transport method is used and then which login
If you need to use also that OAuth connection to scan the mailbox for ticket creation, see the configuration required in the extension: Mail to ticket automation
For Gmail, you must do some stuff on your gmail account
Set the Debug mode for OAuth in the Configuration file
'log_level_min' => ['OAuth' => 'Debug'],