

EDCS Gateway - Support for Azure OAuth Authentication

This is an advanced topic, and following this guide will involve access to the Sequoia Server.


Sequoia v5.29 onwards


Overview

Support for basic authentication for Azure email services is being phased out by Microsoft and replaced with OAuth authentication.

Release 5.29 of Sequoia introduces support for the OAuth authentication used for Azure email services (Office 365 email).

Requirements

To set up Sequoia to use Azure OAuth authentication, you will need the following information about your Azure email server from your IT support:

  1. Active Directory username
  2. Application (client) ID
  3. Directory (tenant) ID
  4. Client Secret

Information on authenticating an email connection using Microsoft OAuth can be found here.

Process to modify your EDCS gateway

The following instructions require both a file to be modified and an application to be run under the context of a user account with elevated privileges.

  1. Upgrade Sequoia to release 5.29, or later.
  2. Modify the configuration file as follows:
    1. Browse to the EventProcessingService sub-directory of the Sequoia Server directory (by default this will be [installation drive]:\Program Files (x86)\ASM\Sequoia Server\EventProcessingService).
    2. Locate and edit the EventProcessingEngine.unity.cfg file.
    3. Locate the <!-- Email --> section.
    4. Comment out the <!--For POP 3 Using Basic Authentication--> registration.
    5. Uncomment the <!--For POP 3 Using AzureAD OAuth--> registration.
    6. The <!-- Email --> section of the file should now look like this:
        <!-- Email -->
        <!--For POP 3 Using Basic Authentication-->
        <!-- <register type="ASM.Common.Email.Pop3.IPop3MailClient, ASM.Common.Email"
                  mapTo="ASM.Common.Email.Pop3.Pop3MailClient, ASM.Common.Email" /> -->
      
        <!--For POP 3 Using AzureAD OAuth-->
        <register type="ASM.Common.Email.Pop3.IPop3MailClient, ASM.Common.Email"
                  mapTo="ASM.Common.EmailAzure.Pop3.AzurePop3MailClient, ASM.Common.EmailAzure">
          <constructor />
        </register>
      
    7. Save and close the file.
  3. You will now need to run a program to update Sequoia with your Azure email details (see Requirements above).
  4. Within the EventProcessingService directory (by default this will be [installation drive]:\Program Files (x86)\ASM\Sequoia Server\EventProcessingService), browse to the Utilities\AzureAd directory.
  5. Run the ASM.Sequoia.EP.AzureAd.exe application.
    You should see the following:
    [Screenshot: console application for entering the Azure OAuth details]
  6. Read the instructions and check you have the information required.
  7. Type Y and press Enter if you have the information.
  8. Enter the details as requested. Note, for security purposes, the Client Secret will not be displayed and will be encrypted within Sequoia.
  9. Start, or restart, the ASM Sequoia Event Processing Service.
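
One way to confirm the edit from step 2 before restarting the service, as an added example that is not part of the vendor's documentation or tooling: the PowerShell below parses the configuration and reports which IPop3MailClient registration is active. The function names and the `<unity>`/`<container>` wrapper in the sample are assumptions; the registration lines are the ones shown in step 2.

```powershell
# Sample input constructed from the <!-- Email --> section shown in this guide.
# The <unity>/<container> wrapper is an assumption about the rest of the file.
$SampleConfig = @'
<unity>
  <container>
    <!-- Email -->
    <!--For POP 3 Using Basic Authentication-->
    <!-- <register type="ASM.Common.Email.Pop3.IPop3MailClient, ASM.Common.Email"
              mapTo="ASM.Common.Email.Pop3.Pop3MailClient, ASM.Common.Email" /> -->
    <!--For POP 3 Using AzureAD OAuth-->
    <register type="ASM.Common.Email.Pop3.IPop3MailClient, ASM.Common.Email"
              mapTo="ASM.Common.EmailAzure.Pop3.AzurePop3MailClient, ASM.Common.EmailAzure">
      <constructor />
    </register>
  </container>
</unity>
'@

# Hypothetical helper: returns the mapTo value of every active IPop3MailClient registration.
function Get-ActivePop3Registration {
    param([Parameter(Mandatory)][xml]$Config)
    # Commented-out registrations are comment nodes, not elements, so they never match.
    # local-name() keeps the query working if the file declares an XML namespace.
    $Config.SelectNodes("//*[local-name()='register']") |
        Where-Object { $_.GetAttribute('type') -like 'ASM.Common.Email.Pop3.IPop3MailClient,*' } |
        ForEach-Object { $_.GetAttribute('mapTo') }
}

# Hypothetical helper: exactly one registration must be active, and it must be the Azure client.
function Test-AzureOAuthRegistration {
    param([Parameter(Mandatory)][xml]$Config)
    $active = @(Get-ActivePop3Registration -Config $Config)
    if ($active.Count -eq 0) { return 'FAIL: no active IPop3MailClient registration' }
    if ($active.Count -gt 1) { return 'FAIL: more than one active IPop3MailClient registration' }
    if ($active[0] -like 'ASM.Common.EmailAzure.Pop3.AzurePop3MailClient,*') {
        return 'OK: AzureAD OAuth registration is active'
    }
    return "FAIL: active registration maps to $($active[0])"
}

Test-AzureOAuthRegistration -Config $SampleConfig
# For the real file, pass instead:
#   [xml](Get-Content -Raw '<path to EventProcessingEngine.unity.cfg>')
```

A FAIL result for zero or multiple active registrations usually means a comment marker was left in the wrong place while editing the `<!-- Email -->` section.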