Articles in this section
Category / Section

Using Office365 (OAuth2) as Your SMTP Server

Published:
20 mins read

Microsoft has deprecated basic authentication for SMTP. To use Office365 with OAuth2 securely as your SMTP server in BrainCert, follow the steps below to register an Azure AD app, generate the required credentials, and enable secure email sending using Microsoft Graph API.


Step 1: Login to Microsoft Azure AD to setup App Registration

1. Log into https://portal.azure.com/ and navigate to Azure Active Directory.



Click "App Registrations".





3. Click New registration to get started.






4. Provide a name for your application. Choose Supported Account Types. Click Register button. You will be automatically redirected to the new application settings page.








Step 2: Generate a Client Secret


5. Open the Certificates & secrets section of your app. Click + New client secret.



6. From the left menu, select Certificates & secrets, and click New client secret.




7. Provide a Description that will help you remember how or where the secret is going to be used. Choose an Expires period, and click the Add button.




8. Ensure you copy the secret before refreshing the page. After the page is refreshed, the secret will no longer be available for copying and must be entered manually at a later time.







Step 3: Setup Authentication


9. From the left-hand menu, navigate to Authentication. Select Yes for the option labelled “Allow public client flows.” Click the Save button to confirm and implement the changes.





Step 4: API Permissions


10. In the left-hand menu, navigate to API Permissions. Click on the Add a permission option and choose Microsoft Graph from the off-canvas menu.



11. Click Application permissions option.



12. Choose API permissions and select Mail.Send in the Mail section.



13. Select User.Read.All in the User section.




14. Click Add permissions button. This will add two permissions to the application. The Azure AD Administrator should Grant admin consent for <YourOrganizationName> from the button shown below to the assigned permissions.


After admin consent, it should look like this:



Step 5: Copy required details


15. BrainCert requires the following information for SMTP configuration within BrainCert. Access the previously created App Registration, and on the dashboard, you will find the Client ID and Tenant ID.




Copy the Client Secret  that was generated from Certificates & secrets earlier.



Sender Email    - A valid Microsoft 365 user (e.g., you@yourdomain.com)



Step 6: Test & Verify


16. Navigate to Global Settings and SMTP Relay in BrainCert LMS. Select Office365 OAuth2 in the dropdown. Enter the required fields, and test it.


Was this article useful?
Like
Dislike
Help us improve this page
Please provide feedback or comments
Access denied
Access denied