Dynamics 365 Business Central SaaS/Cloud: Setting up SMTP (Email) with OAuth2.0 authentication

Dynamics 365 Business Central

Hi, Readers.
Today I would like to talk about how to set up SMTP (Email) with OAuth2.0 authentication in Dynamics 365 Business Central SaaS/Cloud.
I have been asked by several partners recently if the Deprecation of Basic authentication in Exchange Online has any impact on Business Central. More details: Deprecation of Basic authentication in Exchange Online

Basic authentication is now disabled in all tenants.

Before December 31 2022, you could re-enable the affected protocols if users and apps in your tenant couldn’t connect. Now no one (you or Microsoft support) can re-enable Basic authentication in your tenant.

Read the rest of this article to fully understand the changes we made and how these changes might affect you.

In terms of conclusions, as of now, this has no effect on BC, here is an excerpt from MS documentation.
Set up email -> Use SMTP:

Exchange Online is deprecating use of Basic authentication for SMTP. Tenants that are currently using SMTP AUTH won’t be affected by this change. However, we strongly recommend using the latest version of Business Central and setting up OAuth 2.0 authentication for SMTP. We will not add certificate-based authentication for earlier versions of Business Central, for example, version 14. If you can’t set up OAuth 2.0 authentication, we encourage you to explore third-party alternatives if you want to use SMTP email in earlier versions.

But it is mentioned that Microsoft strongly recommends setting up OAuth 2.0 authentication for SMTP. So how do we set it up? Microsoft’s documentation doesn’t go into detail. Does it need to be as complicated as setting up API OAuth 2.0 authentication? Create App registrations in Azure Portal?
PS:
1. Using OAuth to connect Business Central APIs and Web Service in Postman
2. Using OAuth 2.0 to connect Business Central APIs and Web Services in Power Automate – OAuth in HTTP action

Don’t worry, this doesn’t require such a complicated setup. It’s actually very simple.
The following is my test in Version: W1 24.4 (Platform 24.0.22619.0 + Application 24.4.22295.22393) and Version: US Business Central 24.4 (Platform 24.0.22562.0 + Application 24.4.22295.22393). Since I am not an expert in exchange, if there are any errors, please feel free to contact me.

First let’s look at how to set up SMTP mail. Enter Email Accounts in tell me, then choose the related link.

Choose Add an email account.

Choose Next.

Choose SMTP.

The following table describes the email extensions that are available by default.Expand table

ExtensionDescriptionExamples of when to use
Microsoft 365 ConnectorEveryone sends email from a shared mailbox in Exchange Online.When all messages come from the same department, for example, your sales organization sends messages from a sales@cronus.com account. This option requires that you set up a shared mailbox in the Microsoft 365 admin center. For more information, see Shared mailboxes.
Current User ConnectorEveryone sends email from the account they used to sign in to Business Central.Allow communications from individual accounts.
SMTP ConnectorUse SMTP protocol to send emails.Allow communications through your SMTP mail server.

Choose Apply Office 365 Server Settings.

In Authentication you can choose the type of authentication.

Authentication
Specifies the type of authentication that the SMTP mail server uses.

For example, you cannot enter a password at this time.

Choose Next, and then Choose Finish. At this point the setup is done.

But when you send a test email, you will get the following error.

Email Outbox: Show Error

The SMTP server rejected the authentication request, as the authentication data is incorrect. Verify that your Username and Password are correct and that the SMTP server supports the specified authentication type (OAuth 2.0). SMTP error code: 535.

Yes, we are still missing one step. This step is set in Microsoft 365 admin center.

Find the Administrator user in Users -> Active users. (There is a problem here. I’m not sure if this is a bug, as I’m not an expert in exchange. No matter what email account you set up in BC, you need to enable this setting for the Administrator, not the email user. See the final test video for details. I tested it in two different tenants, as well as in Production and Sandbox, and the same situation occurred🤔)

After clicking, choose Manage email apps in the Mail tab.

Select Authenticated SMTP and click Save changes. More details: Use the Microsoft 365 admin center to enable or disable SMTP AUTH on specific mailboxes

That’s all. Go back to Business Central and send a test email again. It should be sent successfully.

Test video:

Give it a try!!!😁

PS: If you encounter the following error, you can test it with the set user.

Could not send the email. The AdeleV@2qcj3x.onmicrosoft.com account does not have Send As permissions on your mail server for the AdeleV@2qcj3x.onmicrosoft.com account.

END

Hope this will help.

Thanks for reading.

ZHU

コメント

Copied title and URL