How do I set up Outlook SMTP authentication with 2FA and OAuth2 for GlockApps?
Summary
What email marketers say10Marketer opinions
Marketer from Email Geeks explains that depending on the account type on Microsoft365, the ability to use basic authentication (even with app-specific passwords) might be disabled by the domain admin.
Email marketer from SuperUser shares to ensure that your firewall isn't blocking the connection between GlockApps and the Outlook SMTP server. You may need to add exceptions for the SMTP port (587) and the GlockApps IP address.
Email marketer from GlockApps Community Forum shares that within GlockApps, you need to configure the SMTP settings using the Outlook SMTP server address (smtp.office365.com), port 587, and TLS encryption. The username should be your full Outlook email address, and the password should be the app password generated from your Microsoft account.
Email marketer from EmailGeeks Forum answers that disabling legacy authentication in Office 365 could be why SMTP isn't working. This can be turned off and on within your admin panel.
Marketer from Email Geeks clarifies that unless Glockapps has native OAuth2 support for Microsoft's SMTP servers, it won't work if the domain only allows OAuth2. He states you are not supposed to hijack another apps OAuth2 credentials.
Email marketer from Microsoft Tech Community shares that conditional access policies might be blocking GlockApps. Ensure that the policies aren't configured to restrict access from the IP address or location GlockApps is using.
Email marketer from EmailOnAcid Forum answers that for GlockApps you need to also specify the 'from address', in addition to the SMTP authentication settings. This address needs to match the Outlook email address used for authentication to prevent errors.
Email marketer from Reddit responds that to set up 2FA for Outlook, navigate to your Microsoft account security settings, find the two-step verification option, and follow the prompts to enable it using an authenticator app or phone number.
Marketer from Email Geeks shares that Microsoft requires OAuth2 StartTLS and mentions that your MUA / Glockapps will require browser cookies enabled.
Email marketer from Stack Overflow responds that if GlockApps supports OAuth2, you'll need to register GlockApps as an application in your Azure Active Directory, grant it the necessary permissions (e.g., SMTP.Send), and then configure GlockApps to use the OAuth2 client ID and secret for authentication. This avoids the need for app passwords.
What the experts say1Expert opinion
Expert from Word to the Wise explains that understanding and enabling SMTP authentication settings is critical to ensuring your emails are sent properly.
What the documentation says7Technical articles
Documentation from Microsoft Learn describes how to enable or disable authenticated SMTP (SMTP AUTH) protocol submission in Exchange Online. It details the steps required to ensure the mailbox is configured correctly, including checking the 'SmtpClientAuthenticationDisabled' property and enabling SMTP AUTH if needed.
Documentation from Glockapps details setting up SMTP settings. It shows where to enter your host, username and password to get going.
Documentation from Azure provides a step-by-step guide on API permissions, including Graph and others. The key API permission that is required is SMTP.Send
Documentation from Microsoft Learn answers that modern Authentication (OAuth 2.0) is required for connecting to office 365. Basic authentication will not work unless you enable legacy protocols, which is not recommended.
Documentation from Azure provides a step-by-step guide on how to register an application, it details name, supported account types, and redirect URI (optional)
Documentation from Microsoft Learn explains the OAuth 2.0 authorization code flow, detailing how applications supporting this flow can exchange an authorization code obtained during the initial request for an access token. This access token is then used to authenticate API requests.
Documentation from Microsoft Support details how to use app passwords with apps that don't support two-step verification. It explains the steps to create an app password within your Microsoft account security settings, emphasizing that this password should be used specifically for the application (like GlockApps) requiring SMTP access.