Oauth

Summer Sauce

Summer Sauce

Beginner
Will you be adding a solution that enables us to connect to multiple gmail and outlook accounts through an API or to easily be able to connect through OAuth? Right now Outlook accounts cannot be added to Mumara unless you create an app specific password, and in the case where we have multiple outlook accounts it can be drag to set 2FA up for each account.
 
If we add the OAuth, in this case, you'll still need to create a project on Google and get it approved by them for the sensitive scopes. You can still import Gmail accounts as SMTPs. There are two methods to use Gmail smtp to send emails.

1. Use your Gmail email and password
2. Use the app-specific password

In case 1, you'll need to disable 2FA and allow less secure apps.
In case 2, you'll need to enable 2FA and generate an app-specific password.
 
wasif said:
If we add the OAuth, in this case, you'll still need to create a project on Google and get it approved by them for the sensitive scopes. You can still import Gmail accounts as SMTPs. There are two methods to use Gmail smtp to send emails.

1. Use your Gmail email and password
2. Use the app-specific password

In case 1, you'll need to disable 2FA and allow less secure apps.
In case 2, you'll need to enable 2FA and generate an app-specific password.
Click to expand...
Late reply I know, but hopefully this will be added. For using bulk gmail accounts both options are very time consuming. There is no way in gsuite or the workspace/gmail API to mass enable less secure apps.
 
To use oAuth, the web application has to be approved by Google for production use. e.g., if you have Mumara installed on domainabc.com, you'll need to get this domain approved by Google to use sensitive scopes, e.g., accessing a gmaill account, etc. So it's an even more difficult and lengthy process and has no major usage in our case. It's easy for the clients to generate an app-specific password and use it.
 
@wasif

Based on the provided information, here's how you can configure the Mumara to use an internal app in your Google Workspace account without requiring Google's approval for the Gmail scopes:

Create an internal app in your Google Cloud Console associated with your Google Workspace account. Set the user type to "Internal" on the OAuth consent screen configuration. This limits access to only users within your organization.

In the OAuth consent screen, add the necessary Gmail scopes for sending emails, such as https://www.googleapis.com/auth/gmail.send. Since the app is internal, these sensitive scopes do not require verification by Google.

Generate OAuth 2.0 credentials (Client ID and Client Secret) for the internal app.

Configure domain-wide delegation for the internal app's service account in the Google Admin console. This allows the app to access user data on behalf of users in your organization without individual user consent.

In the Google Admin console, go to Security > API Controls > Domain wide delegation. Add the Client ID of the internal app and authorize the required Gmail scopes (gmail.send).

Provide the OAuth 2.0 credentials (Client ID and Client Secret) and the service account email to Mumara. They will need to implement OAuth 2.0 authentication in their application using these credentials to obtain access tokens for API requests.

Mumara can then use the access token to make authorized API calls to send emails on behalf of your organization's users via the Gmail API.

By creating an internal app and configuring domain-wide delegation, you can allow the Mumara to access necessary Gmail scopes without going through Google's approval process for external apps. The app is limited to only your organization, and the admin controls access via the domain-wide delegation settings.

=====

Can this be implemented?
 
@Summer Sauce, sorry for the delay in getting back to you. These were the Eid holidays. So if Mumara launches the Google app as an official app and allows users to connect their account with Mumara, it has to be on the unique domain. In the case of the self-hosted editions, the domain name changes from case to case. Moreover, if the people connect their accounts and use to send spam, the app is in danger. However, in near future, we can give the users an opportunity to create their apps and connect to it. Will write tutorial on it as well.
 
wasif said:
@Summer Sauce, sorry for the delay in getting back to you. These were the Eid holidays. So if Mumara launches the Google app as an official app and allows users to connect their account with Mumara, it has to be on the unique domain. In the case of the self-hosted editions, the domain name changes from case to case. Moreover, if the people connect their accounts and use to send spam, the app is in danger. However, in near future, we can give the users an opportunity to create their apps and connect to it. Will write tutorial on it as well.
Click to expand...
Thank you I look forward to this tutorial. Really appreciate it!
 
OAuth has been added to Mumara now. It should be available in the next update, which is taking a little longer as it includes all major languages.
 
You must log in or register to reply here.
Back
Top