Enter the administration utility named Access Tokens for 3rd Party Email Services on the Advanced administration menu.

This screen will be similar to:

Note that this screen displays the redirect URI that is required by the email service you are configuring.  This redirect is used to direct the email service back to ExtraView automatically once it has successfully authenticated the access.  You can copy this URI to your clipboard so that you can paste it into the email service configuration screen.

Click on the button Add a new email token.

Field Required Value
Email Token Name Yes This is an arbitrary name for the token you are creating,  A recommended name is the email address which you use for the EVMail service
Email Token Type Yes Select from Microsot Azure and Google Gmail
Email Address No This field is for reference only.  When you have multiple mailboxes configured, it is useful on this screen to view which mailbox this connection is used with
Tenant ID Yes for Microsoft Azure Paste or copy the Tenant ID that you received from the external email service,  This is only required for Microsoft Azure
Client ID Yes Paste or copy the Client ID that you received from the external email service
Client Secret Yes Paste or copy the Client Secret that you received from the external email service
Scope Yes The scope defines the range of permissions that ExtraView is requesting.  Note that permissions for offline working are added automatically.  More than one scope can be requested.  Simply concatenate the requests with a space between each.

The entire scope (that you can copy and paste into ExtraView) is:

https://outlook.office.com/SMTP.Send https://outlook.office.com/EWS.AccessAsUser.All https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All

You may remove unneeded permissions from the Scope.  The following is a guide as to how each scope is utilized:

Microsoft Exchange
  https://outlook.office.com/EWS.AccessAsUser.All
  https://outlook.office.com/Mail.ReadWrite
  https://outlook.office.com/Mail.Send
  https://outlook.office.com/EWS.AccessAsUser.All
  https://outlook.office.com/SMTP.Send

Microsoft IMAP
  https://outlook.office.com/IMAP.AccessAsUser.All

Microsoft POP3
  https://outlook.office.com/POP.AccessAsUser.All

Microsoft SMTP
  https://outlook.office.com/POP.AccessAsUser.All

Authorization URL Yes This is the URL of the authorization server.

  • For Microsoft Azure connections this value is https://login.microsoftonline.com/
  • For Google Email connections this value is https://accounts.google.com/
Access Token URL Yes for Google Email For Google Email this is the URL of the authorization server.  This value is https://oauth2.googleapis.com/. Microsoft uses the same URL as the authorization URL

Once you have added the token using the Add New Token button, click the Get Email Token button. 

  • With Google GMail, on the first occasion that you get a token, you will be prompted to authorize the app permissions
  • With Microsoft Azure, if the admin Grants admin consent to any permissions associated with the app, the user is not prompted to authorize the app.  If the mail admininistrator does not grant admin consent to the permissions, the app cannot access the mailboxes using the token.

ExtraView redirects the administrator to the sign on screen for the remote email service.  After verifying your identity, return to ExtraView and refresh the Access Tokens for 3rd Party Email Services screen.

You will see the newly configured token.  The screen will show the token details, together with the expiry time of the token, and when it was last updated.

 

Configuring EVMail

Within the EVMail task properties, there is a section which refers to the OAuth2 token to be used.  This looks like:

# The MAILBOX_AUTH_TYPE default is PASSWORD.  Alter the value of the property to OAUTH2 for OAuth2 authentication
# MAILBOX_AUTH_TYPE = PASSWORD | OAUTH2
# MAILBOX_EMAIL_TOKEN_NAME is the name of the OAUTH2 token that should be used when MAILBOX_AUTH_TYPE = OAUTH2.  
# The token is added under Admin / Advanced / Access Tokens for 3rd Party Email Services
# MAILBOX_EMAIL_TOKEN_NAME = <name of the token in the admin utility that creates and maintains the email tokens>

Uncomment and alter the MAILBOX_AUTH_TYPE to OAUTH2.  Now set the value of the MAILBOX_EMAIL_TOKEN_NAME property to the name of the token you created in the field Email Token Type.

If EVMail was previously running, stop and restart the task to load the new settings.

 

Configuring BatchMail

.Similar alterations to the BatchMail task properties need to be made as to the changes to the EVMail task, although the propertty names are a little different.

# The MAIL_AUTH_TYPE default is PASSWORD.  Alter the value of the property to OAUTH2 for OAuth2 authentication
# MAIL_AUTH_TYPE = PASSWORD | OAUTH2
# MAIL_TOKEN_NAME is the name of the OAUTH2 token that should be used when MAILBOX_AUTH_TYPE = OAUTH2.  
# The token is added under Admin / Advanced / Access Tokens for 3rd Party Email Services
# MAIL_TOKEN_NAME = <name of the token in the admin utility that creates and maintains the email tokens>

Uncomment and alter the MAIL_AUTH_TYPE to OAUTH2.  Now set the value of the MAIL_TOKEN_NAME property to the name of the token you created in the field Email Token Type.