OAuth is a standard authorization protocol that provides delegated access to a protected resource using web tokens instead of passwords. With OAuth, resource owners can configure separate permissions for each client requesting access to the same resource and modify/revoke the access at any point of time.
OAuth authentication involves the following entities:
To access a protected resource, the client should obtain an authorization grant from the resource owner and pass it on to the authorization server. The authorization server validates the authorization grant and generates an access token with the approval of the resource owner. The client can use this token to access the protected resource hosted by the resource server.
The authentication process with OAuth is explained in the flowchart below:
In this case, ServiceDesk Plus acts as the Client requesting access to the Mail Server (Resource Owner) and obtains the authorization grant. This authorization grant is processed through the Authorization Server of the corresponding mail box(say G Suite for Gmail and Microsoft Azure for O365), which generates an access token with the Resource Owner's approval. Using this access token, ServiceDesk Plus can access the Mail Server.
To configure mail server settings using OAuth authentication, you must configure ServiceDesk Plus with the authorization server of your mailbox. We have tested ServiceDesk Plus with the following authorization servers:
Upon generating the auth tokens, you can configure incoming and outgoing mail settings of your organization to connect using: