ManageEngine DDI Central now facilitates Open Authorization (OAuth), which can be configured with your organization’s SMTP servers for implementing secure, reliable mail authentication for clients. OAuth provides credential-less authentication for accessing SMTP servers to send emails efficiently. It benefits users in a safe, secure approach to permitting third-party applications to access users’ SMTP servers without using their credentials. This prevents external attackers from interrupting and accessing users’ credentials.
Try a free, 30-day trial now to understand how DDI Central’s OAuth configuration works!
(Note: DDI Central currently supports OAuth only for mail authentication and through the providers Google and Microsoft only; it does not support full-fledged OAuth for login authentication.)
What is OAuth configuration?
OAuth is the authorization standard that helps in permitting apps to access a client’s protected resources. In mail authentication, OAuth allows a third-party application (like DDI Central), as the client, to access the users’ SMTP servers with the access tokens shared by the providers (Google and Microsoft). This enables credential-less authentication for third-party applications without requiring a username and password for every access request, thus enhancing security and privacy.
How OAuth in DDI Central works when configured with SMTP servers?
You can configure OAuth in DDI Central by filling out the following fields:
NAME: Provide the name of the OAuth provider configuration for identification.
PROVIDER: Select the provider for this configuration (Google or Microsoft).
DESCRIPTION: Enter the description for the configuration.
CLIENT ID: Provide the client ID given by the selected OAuth provider.
CLIENT SECRET: Provide the client secret provided by the selected OAuth provider.
(Note: The AUTHENTICATION URL, TOKEN URL, REDIRECT URL, and SCOPE fields will be autofilled based on the selected provider. The AUTHENTICATION URL, TOKEN URL, and SCOPE fields can be modified, but the REDIRECT URL field can’t be modified.)
After that, you need to associate OAuth with your SMTP servers for implementing OAuth configuration in your mail authentication. Here is the guide for configuring the SMTP hosts.
When DDI Central, as the client, tries to send emails with the user credentials, it reaches out to the provider to request a token for the SMTP server by providing the client ID and client secret. The provider gives the token, which is then given to the SMTP server for verification. The SMTP server then allows the client (DDI Central) to access the user’s resources for sending emails.
Benefits of configuring OAuth with mail servers
OAuth configuration with mail servers benefits users in the following ways for a streamlined approach to mail authentication:
Improved security: OAuth implements credential-less authentication, eliminating the need to share the user’s username and password with the SMTP server for every interaction, thus reducing the risk of unauthorized users getting their hands on the credentials.
Single sign-on (SSO): OAuth enables SSO so users can sign in once with the identity provider (Google or Microsoft) and gain access to all the applications without multiple logins, thus increasing efficiency and productivity.
Token-based authentication: OAuth works on token-based authentication where tokens are generated by the provider and sent to the client based on the client ID and client secret for accessing the SMTP servers. This is a better security alternative to providing user credentials.
Modern application compatibility: OAuth is widely supported by modern email clients and applications, particularly for cloud services, ensuring compatibility with modern, mobile, and remote work requirements.
Implement streamlined, secured mail authentication in your organization with the help of DDI Central’s OAuth configuration
The OAuth configuration in DDI Central enhances the security of your SMTP servers by implementing a credential-less, token-based authentication approach. This robust method prevents unauthorized individuals from accessing your mail servers and reduces the risk of attacks.
With OAuth, SMTP servers only grant access to third-party applications that present a valid token generated by the authentication provider. This mechanism ensures that only authorized entities can access user resources, restricting unauthorized access. By eliminating the need for traditional credentials, OAuth further mitigates the vulnerabilities associated with password-based authentication, providing a secure, streamlined authorization experience.
Curious to learn more?
Watch the full recording of our recent webinar to discover how DDI Central can revolutionize data center networks. Don’t miss out—click to watch now!