Mail configuration - Gmail Follow
The ServiceManager uses your email settings for several purposes:
- Monitoring Agents: sends email when Test Agent's result is set to have email notification.
- RPA: email triggers fire RPAs when email is received.
This article describes how to set up a Gmail account in the ServiceManager
You may choose and use any of the 3 authentication methods bellow:
1) Gmail accounts - via OAuth2
For the ServiceManager to authenticate via OAuth, you need a service account - which is an account that belongs to an application instead of to an individual end user.
You must set up your Service Account from a G-Suite account
One critical step you must complete when trying to authenticate a Google service account using OAuth2, is that you must sign up for Google's paid service "G-Suite". This enables you to delegate domain-wide authority to the service account to send emails attached to a domain you've verified with Google.
Service accounts only work with G-Suite because you have to be able to preauthorize the service account and grant it access to the users account. There is no way to preauthorize a normal user Gmail account, and therefore there is no way to use service account authentication with a normal Gmail account.
Creating a Google service account
First, create a service account:
Open the Service accounts page (you must login the above page via your G-Suite account):
Select a project, or create a new one.
Create service account.
Under Service account details, type a name, ID, and description for the service account, then click Create and continue. (e.g. name = admin)
Under Grant this service account access to project, select role = owner.
Click add Create key, then click Create.
Next, create a service account key:
Click the email address for the service account you created.
Click the Keys tab.
In the Add key drop-down list, select Create new key.
Your new public/private key pair is generated and downloaded to your machine; it serves as the only copy of the private key. You are responsible for storing it securely. If you lose this key pair, you will need to generate a new one.
Delegate domain-wide authority to your service account
This step must be performed by a G-Suite administrator.
To access user data on a Google Workspace domain, the service account that you created needs to be granted access by a super administrator for the domain. For more information about domain-wide delegation, see Control Google Workspace API access with domain-wide delegation.
To delegate domain-wide authority to a service account:
From your Google Workspace domain’s Admin console (http://admin.google.com), go to Main menu menu > Security > Access and data control > API controls.
In the Domain wide delegation pane, select Manage Domain Wide Delegation.
Click Add new.
In the Client ID field, enter the client ID obtained from the service account creation steps above.
In the OAuth Scopes field, enter a comma-delimited list of the scopes required for your application: https://mail.google.com/
Enable Gmail API
- Open APIs & Services: https://console.cloud.google.com/apis
- Click Enable APIs and Services.
- Search for "Gmail API" and enable it.
Configure mail settings in your ServiceManager
Open your ServiceManager > Admin > Mail.
Enter either or both:
- imap.gmail.com , port 993 - for reading/listening for emails.
- smtp.gmail.com, port 465 - for sending emails.
SSL must be used with Gmail.
Select Authentication = OAuth2 GoogleCredential, and enter:
- Username = Your G-Suite admin account (NOT Service Account).
- Key file: select the json key file you downloaded (it must be loaded from local_folder/config).
Test your settings, and then save.
2) Gmail accounts - via App Password
- Go to https://myaccount.google.com/security and sign in with your Gmail credentials.
- In the "Signing in to Google" section, enable the 2-Step Verification.
- After enabling 2-Step Verification, return to "Signing in to Google" section
- Click on App passwords
- Select app=Mail and select device=Other , name it "ServiceManager-Dev".
- Done! Copy the app-password provided by Google and use it with your username in the ServiceManager in Admin > Mail.
Use TLS port 587 OR SSL port 465 as in the screenshot bellow.
3) Gmail accounts - via Basic Authentication
Works only until May 30, 2022 for personal accounts. Still works with G-Suite accounts.
Using Gmail account as your mail server requires to configure gmail access for external apps.
1. Navigate to: "https://myaccount.google.com/lesssecureapps?pli=1" and turn on "Access for less secure apps".
2. Use TLS port 587 OR SSL port 465:
3. If Gmail still denies access, try to open https://www.google.com/accounts/DisplayUnlockCaptcha in your browser, and then try again.
Please sign in to leave a comment.