cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

BTP destination configuration to send email using Office 365

Giampaolo
Explorer

on ‎12-11-2023 5:43 PM

0 Kudos

Hi,
I'm trying to send email from a Build Process Automation workflow.

I created sap_process_automation_mail destination as below, but it doesn't work.

Type			MAIL
Proxy Type		Internet
Authentication		OAuth2Password
User			<user_email>
Password		<user_pwd>
Client ID		<Application ID (client)>
Client Secret		<client secret value>
Token Service URL	https://login.microsoftonline.com/<Tenant_ID>/oauth2/v2.0/token

			- - - ADDITIONAL PROPERTIES - - -
mail.bpm.send.disabled			false
mail.smtp.auth				true
mail.smtp.auth.mechanisms		XOAUTH2
mail.smtp.from				<user_email>
mail.smtp.host				smtp.office365.com
mail.smtp.port				587
mail.smtp.ssl.checkserveridentity	true
mail.smtp.ssl.enable			false
mail.smtp.ssl.trust			*
mail.smtp.starttls.enable		true
mail.smtp.starttls.required		true
mail.transport.protocol			smtp
scope					https://graph.microsoft.com/SMTP.Send

How can i solve?

Thanks in advance,
Giampaolo

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

tobias_breyer
Employee
Employee
‎12-12-2023 12:49 PM
0 Kudos

Hi,

the https://outlook.office.com/SMTP.Send scope is the one to use. You can see from this Microsoft documentation that it is the outlook-one they recommend:

I don't think that the issue relates to the scope configuration in the destination, but it must be the correct one above and the user must have the scope. So maybe also check all the ways of limiting the scope on Azure side.

The 'scope' configuration property of the destination is just to reduce the token scope to exactly that scope (leaving out unnecessary scopes, reducing exposure of scopes the user has). So in case you specify the wrong scope, the token won't have a suitable scope at all. But if you specify the correct scope, it will just let the necessary things go through.

Please note that there is a documentation gap on the above page, the SMTP.SendAsApp scope is for the Client Credentials flow (which is not yet supported by SAP Build Process Automation). The page mentioned, in a historic version (use pencil icon on top right), the scope from above.

Unfortunately, the Test SMTP Server Configuration dialog does not detail out the authentication issues.

If you have the possibility, you could check what error message you get when you use a mail notification. It uses the sap_process_automation_mail, unless the bpmworkflowruntime_mail destination exists (in scenarios coming from SAP Workflow Management). In case of failure, you might receive better error messages in the respective process monitoring.

For some of them, you find trouble-shooting on the bottom of the product documentation page on SMTP configuration.

Hope that helps,

Tobias

Show replies
Show replies
tobias_breyer
Employee
Employee
‎12-12-2023 8:10 AM
0 Kudos

Hi Giampaolo,

please check the examples at the respective product documentation page. Maybe you have overlooked it, because you have to expand the example to see the code:

https://help.sap.com/docs/build-process-automation/sap-build-process-automation/configuring-smtp-mai...

You should see that the scope is different. It has to be https://outlook.office.com/SMTP.Send (outlook instead of graph).

Please also refer to the troubleshooting guide linked at the bottom of the page.

Regards,

Tobias

Show replies
Show replies
Giampaolo
Explorer
‎12-12-2023 8:52 AM
0 Kudos

Hi Tobias,
I followed this help to set properties and the scope you suggested was my first choice, but it doesn't work.

I tried with others scopes attribuited to Azure App, but none of them work

Do you have any other suggestions?

Best Regards,
Giampaolo


P.S.
I cannot find permission SMTP.Send on Office 365 Exchange Online API

vbalko-claimate
Active Participant
‎12-11-2023 9:14 PM
0 Kudos

Hello,

this one works.

Hope it will help.

Show replies
Show replies
Giampaolo
Explorer
‎12-12-2023 8:12 AM
0 Kudos

Hi Vladimir, thanks for answer.

Unfortunately Basic Authentication is now deprecated in Office365 and if I try to send emails with the configuration you suggested (and which I use to send emails with gmail) I get this error message.

I'm following this help doc.

Best Regards,
Giampaolo

dominiklang
Explorer
‎04-30-2024 4:39 PM
0 Kudos

There's a SAP Note available now:

3451530 - Get error "Sending an email is not possible due to authentication issues" when testing SMTP server in BPA

https://me.sap.com/notes/0003451530

To me it looks like Microsoft applied a few changes and SAP did not update the documentation yet (Configure an SMTP Mail Destination | SAP Help Portal).

Basic Authentication didn't work for me with Microsoft.

I do suggest to use Amazon Simple Email Service (Amazon SES https://docs.aws.amazon.com/ses/ ) with Basic Authentication.

Ask a Question