In vergangenen Blogbeiträgen In past blog articles we already reported about communication in Odoo and about setting up catch-all email. This article is specifically about setting up an IMap connection by also considering two-factor authentication. Only this way it is possible to pick up mails via IMap.
Damit Odoo Mails von Office 365 via OAuth2 abholen kann, ist es notwendig, die dafür bereitgestellte App zu installieren. Wir gehen dazu in die App-Übersicht von Odoo und löschen als erstes das Suchwort "Apps" aus der Suche. Stattdessen wird nach Fetchmail gesucht.
Install Fetchmail Outlook App
Nun müssen Sie die App "Fetchmail Outlook" installieren.
If the installation worked, you will see a new section "Outlook credentials" in the General settings under Custom email servers.
You can get the data for the two new data fields Client ID and Client Secret by registering an app for the Odoo client in the Azure Active Directory Center.
App registration in Azure Active Directory Admin Center
To allow Odoo to pick up mail via IMAP and OAtuh2, there are several ways. It is also possible to fetch mail from a "shared mailbox" or from the mailbox without additional sharing. The method described here uses Delegated Permission, which does not require administrator approval. It is enough to log in to the Outlook account to be used, which grants the permission.
In the "Azure Active Directory Admin Center", select "Azure Active Directory" from the menu and in the new menu that appears, select "App Registration". Here you will find the option to register a new app in the top left corner. For example:
Select the the account type "Account in any organization directory" and set a redirect URI of type Web, which is composed of your Odoo domain followed by /microsoft_outlook/confirm. Make sure that this has a valid certificate. Without a certificate, only http://localhost is allowed as a possible value for the domain and thus cannot be used on an external server. After you have created this with the button Register, you will first find yourself in the overview of your new application (app). Here you can already find the newly created application ID (Client ID)
This is then required for the Outlook login data "Client ID" in Odoo. It is also possible to click on the client credentials directly in the overview to create a secret for the login or click on "Certificates & Secrets" in the left menu.
There they create a new secret client key and specify its duration. For this purpose, there are predefined periods, e.g. 6 months, or they manually create their own period of validity. But it is important to keep an eye on the end of the period. More about this at the end in the general information.
Wenn wir auf Hinzufügen geklickt haben, wird uns der Clientschlüssel angezeigt. Dabei ist es wichtig, jetzt den “Wert”
des Client-Schlüssels zu kopieren. Dazu finden wir neben dem Wert das
Kopiersymbol zum Anklicken.
If you leave this overview without copying the key, this will not be possible afterwards and you will have to create the client key again. This "value" is then required in Odoo for the "Outlook credentials" as the "Client Secret".
The next thing to do is to add the permissions for our new app. To do this, go to "API Permissions" in the left menu. If there are already preset permissions assigned here, delete them out first. After that, the required permissions can be added by clicking the Add Permission button.
To do this, go to the "APIs used by my organization" tab and search for "office 365 exchange". Then when they select "Office 365 Exchange Online", you will be prompted to select the type of permission.
Wir wählen hier die
Art “Delegierte Berechtigung” und suchen dann nach “Mail.ReadWrite”.
Wenn wir die gefundene Berechtigung “Mail” sehen, klappen wir diese auf
und setzen den Haken bei dem Recht “Mail.ReadWrite”. Wenn wir das Recht
hinzugefügt haben, sollte das Ergebnis folgendermaßen aussehen. Das
Schreibrecht benötigt Odoo, damit dieses bereits abgeholte E-Mails auf
den Status “gelesen” setzen kann. Ein einfaches Leserecht genügt nicht.
Odoo IMAP Server Configuration
Enter the previously created "Client ID" and "Client Secret" information into the Outlook credentials and save them if this has not already been done.
After that you can create and configure the "Incoming Mail Server".
Dazu setzen wir als Erstes bei den Serverinformationen einen Haken bei Outlook. Die Werte wie Servername, Port und SSL/TLS werden dadurch bereits automatisch gesetzt. Wir fügen nur den “Namen” der Einstellung und den “Benutzernamen” des E-Mail-Kontos hinzu, von dem die E-Mails abgeholt werden sollen. Das Passwortfeld kann bei dieser Konfigurationsart leer bleiben. Wir klicken stattdessen auf “Verknüpfen Sie Ihr Outlook-Konto” unter dem Feld “Benutzername”. Dadurch werden wir auf die Office 365 Anmeldeseite weitergeleitet, bei der wir uns als das zu verwendende E-Mail-Konto anmelden und die Berechtigung für das Abholen der E-Mails final erteilen. Hat das funktioniert, sollte "Eingehender E-Mailserver" unter dem Benutzernamen in der Odookonfiguration stehen.
To complete the configuration, click on "Test & Confirm".
If everything worked correctly, the status on the right should change to Confirmed. Now Odoo is able to use the OAuth2 authentication of Office 365 to fetch emails via IMAP.
Allgemeine Informationen
General InformationIf the secret client key has expired, Odoo will not be able to pick up emails. However, that this is the case is only in the Odoo server logs. An easy way to find out if the client key has expired when no emails arrive in Odoo is to reset the confirmation in the incoming mail server settings and try confirming it again. This will show the exact error message if something is not working , for example the client key is no longer valid, as a popup in the Odoo GUI. If the client key has expired, this "secret" must be recreated in the Azure Active Directory Admin Center and the new client secret must be re-stored in the General Email Settings. After that, you can reconfirm the email account in the outgoing mail server settings via "Test and Confirm".
If you need help setting up the Office 365 client in Odoo, or if you have any further questions on this topic feel free to contact us, we will help you as soon as possible!