29,355
edits
Changes
m
→Setup
Line 38:
Line 38:
This is some documentation on how to setup your external system to allow an OAuth2 connection. This may help you to find how to get your Client ID and Secret ID to create your OAuth entry in Dolibarr.
−=== For Microsoft ===+See https://afterlogic.com/mailbee-net/docs/OAuth2Office365NonInteractive.html and https://learn.microsoft.com/fr-fr/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth
−Tutorial to register an application and create a secret ID:+
+
+
+
====For Google====
====For Google====
−Client ID / Secret ID: See chapter External documentation.
+Client ID / Secret ID: See chapter [[#How to get my Client / Secret ID]].
Scope: Choose the scope '''gmail_full'''
Scope: Choose the scope '''gmail_full'''
Line 44:
Line 44:
====For Microsoft Office365====
====For Microsoft Office365====
−Client ID / Secret ID: See chapter External documentation.
+Client ID / Secret ID: See chapter [[#How to get my Client / Secret ID]].
Tenant: The ID of the tenant provided by Microsoft. Example: 123456ab-1234-5678-abdc-12345678abcd
Tenant: The ID of the tenant provided by Microsoft. Example: 123456ab-1234-5678-abdc-12345678abcd
Line 57:
Line 57:
====For Google====
====For Google====
−Client ID / Secret ID: See chapter External documentation.
+Client ID / Secret ID: See chapter [[#How to get my Client / Secret ID]].
Scope: Choose the scope '''gmail_full'''
Scope: Choose the scope '''gmail_full'''
Line 63:
Line 63:
====For Microsoft Office365====
====For Microsoft Office365====
−Client ID / Secret ID: See chapter External documentation.
+Client ID / Secret ID: See chapter [[#How to get my Client / Secret ID]].
Tenant: The ID of the tenant provided by Microsoft. Example: 123456ab-1234-5678-abdc-12345678abcd
Tenant: The ID of the tenant provided by Microsoft. Example: 123456ab-1234-5678-abdc-12345678abcd
Line 78:
Line 78:
Name of the entry: "Login" (The text "Login" with L uppercase. You must use this entry string for SSO Login. No other name is possible).
Name of the entry: "Login" (The text "Login" with L uppercase. You must use this entry string for SSO Login. No other name is possible).
−Client ID / Secret ID: See chapter External documentation.
+Client ID / Secret ID: See chapter [[#How to get my Client / Secret ID]].
Scope: Choose the scope '''openid''' and '''email'''
Scope: Choose the scope '''openid''' and '''email'''
−You must also modify you dolibarr conf file to use SSO Login with Google OAuth. See page [[Authentication,_SSO_and_SSL]].
+You must also modify you Dolibarr conf file to use SSO Login with Google OAuth. See page [[Authentication,_SSO_and_SSL]].
====For Microsoft Office365====
====For Microsoft Office365====
Not yet available ! Will probably be ...
Not yet available ! Will probably be ...
−Client ID / Secret ID: See chapter External documentation.
+Client ID / Secret ID: See chapter [[#How to get my Client / Secret ID]].
Tenant: The ID of the tenant provided by Microsoft. Example: 123456ab-1234-5678-abdc-12345678abcd
Tenant: The ID of the tenant provided by Microsoft. Example: 123456ab-1234-5678-abdc-12345678abcd
Scope: Choose the scope '''openid''' and '''email'''
Scope: Choose the scope '''openid''' and '''email'''
+
+=== Other services ===
+====For Mastodon read/write ====
+
+URL for endpoint termination: Should be the root url of the Mastodon server; For example: https://mastodon.social
+
+Client ID / Secret ID: You can get them from your Mastodon profile account.
+
+Scope: Type '''read,write'''
+
== Generation of the token ==
== Generation of the token ==
Line 103:
Line 113:
* For Google, when your oauth entry is published in Production, Google verified, refresh_token expire is 180 days and has unlimited access_token refreshes.
* For Google, when your oauth entry is published in Production, Google verified, refresh_token expire is 180 days and has unlimited access_token refreshes.
−== External documentation ==
+== How to get my Client / Secret ID ==
−To create an OAuth entry, you need a Client and Secret ID (and sometimes a Tenant ID). Getting them depends on your OAUTH provider.
−=== For Microsoft 365===
+The following steps are:
−https://learn.microsoft.com/fr-fr/azure/active-directory/develop/quickstart-register-app#register-an-application
+* Go on https://portal.azure.com - Manage application to create an Application. You can get the value for Client ID in field "ID application (client)" and Tenant ID in field "ID annuary (tenant)"
+* Then set property "Assignation required to No (not sure this is necessary)
+* Then set Authentification chapter to add the allowed callback URL suggested by Dolibarr.
+* Then set Authorized API, for example Microsoft Graph email, IMAP.ACcessAsUser.ALL, Mail.Read, Mail.Send, offline_access, openid, profile, SMTP.Send
+* Then set Certificate & Secret (The Secret ID is column "Value", the column "ID of secret" can be ignored)
+You can get a summary of all of this in the menu "Overview"
−A thread in forum is also available related to use of OAuth2 for SMTP and IMAP: https://www.dolibarr.org/forum/t/oauth-office-365-and-email-collector/23437
+The is some documentation here:
+* See https://afterlogic.com/mailbee-net/docs/OAuth2Office365NonInteractive.html and https://learn.microsoft.com/fr-fr/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth
+* Tutorial to register an application and create a secret ID: https://learn.microsoft.com/fr-fr/azure/active-directory/develop/quickstart-register-app#register-an-application
+* A thread in forum is also available related to use of OAuth2 for SMTP and IMAP: https://www.dolibarr.org/forum/t/oauth-office-365-and-email-collector/23437
=== For Google ===
=== For Google ===
−See https://support.google.com/cloud/answer/6158849
+The following steps are:
+{{ToComplete}}
+The is some documentation here:
+* See https://support.google.com/cloud/answer/6158849