search
www.mikopbx.comTelegram communityForum
githubEdit

Gmail Setup (oAuth2)

Gmail service mail configuration via OAuth2 Authentication

circle-info

Setting up OAuth 2.0 in Google requires using the station's URL address. The easiest way is to create a DNS record on the local server or add an IP address-to-domain name mapping in the hosts file on the device from which the configuration is being performed.

hashtag
Google Account Settings

  1. Before starting the setup, you need to change some Google account parameters. To do this, go to the account management page (linkarrow-up-right).

Google Account management page

  1. Go to the "Security and sign-in" section. Make sure that two-step authentication is configured.

Two-step authentication setup

  1. Go to the Google Cloud Console, to the "APIs & Services" section (linkarrow-up-right). Create a project for the current task.

"APIs & Services" section in Google Cloud

  1. Go to the APIs library (the "Library" section).

"Library" section in APIs & Services

  1. Enter "gmail api" in the search bar. Open the Gmail API card.

Gmail API in the Google Cloud library

  1. Click "Enable" to connect.

Enabling the API

  1. Go to the main APIs & Services page. Then click "OAuth consent screen".

"OAuth consent screen" section in APIs & Services

  1. Create a project (click "Get started"). Fill in an arbitrary name and your email. Select "Internal" as the Audience. Click "Create" to finish.

"Audience" parameter in project creation process

  1. Return to the main APIs & Services page. Then go to the "Credentials" section. Click "Create credentials". Select "OAuth client ID" to create.

Creating a new OAuth client ID

  1. Select "Web application" as the Application type. Then enter an arbitrary name. Click "Create".

Creating a new OAuth client ID

  1. Add a new "Authorized redirect URI".

circle-info

Format:

https://mikopbx.station.com/pbxcore/api/v3/mail-settings/oauth2-callback

Replace "mikopbx.station.com" with your station's URL.

Adding a new redirect URL

  1. An OAuth client will be created. Save the Client ID and Client Secret to your notes. You will need this data for the connection in the future.

Successfully created client

hashtag
Settings in MikoPBX

  1. Go to the "System" -> "Mail and notifications" section:

"Mail and Notifications" section in MikoPBX

  1. Next, go to "SMTP Settings". Fill in the following parameters:

  • Sender address, Sender name — your email and the name from which the emails will be sent.

  • Authentication type — OAuth2.

  • SMTP login — your email.

  • OAuth2 Provider — Google/Gmail.

  • Application ID (Client ID), Secret key (Client Secret) — the data saved from Google Cloud (step 12 from the previous section of this guide).

Leave all other settings at their default values. A more detailed description can be found in the main article about mail parameters (link).

After that, click "Save"!

Mail parameters for connecting Gmail

  1. Click the blue "Connect via OAuth2" button. Then select your Gmail account.

Selecting a Google account

  1. Confirm the sign-in: click "Continue".

Continuing authorization

  1. Confirm granting the required permissions (click "Allow").

Granting permissions

Upon successful authorization, you will see the following window.

Successful authorization

hashtag
Troubleshooting

Access blocked: Authorization Error (**Error 400: invalid_request)

Error 400: invalid_request

Solution: enter the station's URL address in the MikoPBX web interface: "Network and Firewall" -> "Network Interfaces". Go to the "Network Topology" section and enter the hostname in the "External hostname of your router" field. (Enable "This station is located behind a NAT router".)

Problem solution

Last updated

Was this helpful?