SMTP Email Options

Selecting SMTP Email in the left panel of the Options tab provides the following view, where you can specify the SMTP email server used by ExtremeCloud IQ Site Engine when sending emails to users. You can configure ExtremeCloud IQ Site Engine to send emails to users in a variety of circumstances, including as an alarm action and when sending scheduled network reports. These settings apply to all users. You must be assigned the appropriate user capability to configure these options.

Changing a value from the system default causes a Default Value button to appear. Selecting this button changes the field back to the system default value.

SMTP Email Options

Outgoing Email (SMTP) Server
The email server used for outgoing messages.
Sender's Email Address
The sender's email address used to send outgoing email notification messages. Enter the address in a fully qualified format, such as "sender's name@sender's domain."
SMTP Password/Access Token
The password for the user account entered in the Sender's Email Address field. Select the Eye icon to display your password.
When Use OAUTH Authentication Method is selected in the OAUTH Configuration section, this SMTP Password/Access Token field must contain the Access Token.
SMTP Server Port
The SMTP port used. The default SMTP Server Port is 25. Enter the port number required for your selected SSL or TLS option. For example, common port numbers are 456 for SSL and 587 for TLS.
Use SSL Communication
Select the checkbox to enable legacy SSL. Do not use SSL when TLS is enabled.
Use TLS Encryption
Select the checkbox to enable TLS. Do not use SSL when TLS is enabled.
Use OAUTH Authentication Method
Select the checkbox to enable OAUTH. If enabled, you must also use TLS, and configure the SMTP Server Port for TLS use. Do not use SSL when TLS is enabled.
Update Access Token
Select the checkbox to enable automatic updates of the Access Token. Requires a configuration to receive access token updates from your OAUTH provider. You must have a valid access token in the SMTP Password/Access Token field during the configuration.
  • Interval - Enter a time of how often to update the access token
  • Host URL - Enter the URL of the OAUTH provider.
  • Client ID - Enter the client ID required to update the access token.
  • Client Secret - Enter the client secret required to update the access token.
  • Refresh Token - Enter the refresh token required to update the access token.
  • Parameter 1 - Optional additional parameter that can be used to update the access token.
  • Parameter 2 - Optional additional parameter that can be used to update the access token.
  • Parameter 3 - Optional additional parameter that can be used to update the access token.

Examples and How-tos for using OAUTH with Gmail

For information about how to use OAuth 2.0 from Google, go to https://developers.google.com/identity/protocols/oauth2/ for high-level details, and https://support.google.com/cloud/answer/6158849?hl=en for more detailed steps.

The following explains how you can generate the required information to configure ExtremeCloud IQ Site Engine to use Gmail as an OAUTH provider. For additional information, watch this video - OAUTH with Gmail

  • You can create the OAUTH 2.0 Client IDs in the credentials menu and select Desktop app as the application type.
    Then download the JSON file as it contains the Client ID, Client Secret, and Host URL information required to configure the Update Access Token option.

  • Creating an OAUTH consent application example:

    • Publishing Status - In production

    • User type - External

    • App logo - Empty

    • App domain - Empty

    • Authorized domains - Empty

    • Your non-sensitive scopes - See your primary Google Account email address

    • Your sensitive scopes - Empty

    • Your restricted scopes - Empty

  • You can use an oauth2.py script by Google, located in ExtremeCloud IQ Site Engine <install directory>/scripts/ to generate an access token and refresh token:

    • An example script syntax is shown below, you must input your user google email address, client ID, client secret, and an accurate directory path for your installation:

      python /usr/local/Extreme_Networks/NetSight/scripts/oauth2.py --user=<email_address> --client_id=<id> --client_secret=<secret> --generate_oauth2_token

      Running the oauth2.py script generates a URL for authorization and waits for a verification code.

    • Copy the script generated URL into a web browser and authorize the application. The URL redirects to 127.0.0.1 (and a timeout occurs) with a verification code generated in the redirected URL between code= and &scope, for example:

      http://127.0.0.1:81/?code=4/0AWtgzh5sUJhblPSKS4zFGIC-wWOpnPNYBNemiwxNiEn35RhTZNFkJXZP8mBTGJqaGVlcM3w&scope=https://mail.google.com/

    • Enter the verification code into the waiting script. The script responds with the Refresh Token, Access Token, and Expiration time Interval..

      •   NOTE: When configuring the OAUTH update access token interval field in ExtremeCloud IQ Site Engine, enter an interval value that is less than the expiration time output by the oauth2.py script.
    • Use the information you obtained from the JSON file and the oauth2.py script to configure the ExtremeCloud IQ Site Engine SMTP Email OAUTH Configuration with the Update Access Token option enabled.
      Here are additional example configuration parameters for using OAUTH with Gmail:
      • Outgoing Email (SMTP) Server: smtp.gmail.com
      • SMTP Server Port: 587
      • Use SSL Communications: No
      • Use TLS Encryption: Yes


Related Information

For information on related help topics: