AEM Email Oauth Configuration - Redirect Url? | Adobe Higher Education
October 19, 2022
Answered

AEM Email Oauth Configuration - Redirect Url?

  • October 19, 2022
  • 1 reply
  • 1555 views

I'm following this guide to set up email notifications in AEM via OAuth, as it is required to send emails via Microsoft Office 365.

https://experienceleague.adobe.com/docs/experience-manager-65/administering/operations/notification.html?lang=en#microsoft-outlook

The question I have is about the "Redirect Url" configured in Azure, and the "AuthCode Redirect Url" on the "CQ Mailer SMTP OAuth2 Provider" configuration.

The documentation just gives the value of http://localhost:4503/services/mailer/oauth2/token but doesn't explain how / why this URL is used.  It seems like this is a placeholder but it's not exactly clear how it needs to be replaced for each server?

We are actually setting up email on the Author server, so should this be on port 4502?  And should the URL be the fully qualified externally resolvable URL for the server rather than localhost?  It is a bit confusing as the documentation reads like this is a set value rather than something that should be set according to the specific environment.

This topic has been closed for replies.
Best answer by Chandra_Hire

1 Reply

Chandra_Hire
October 21, 2022

Hi @raymuirhead,

The AEM "CQ Mailer SMTP OAuth2 Provider" service is based on the OAuth2 authentication mechanism. In this case, the OAuth authorization server (here Azure AD) needs a redirect URL where this authorization server sends the user once the app has been successfully authorized and granted an authorization code or access token.

You can read further information on the OAuth2 flow and redirect URL.

Microsoft identity platform and OAuth 2.0 authorization code flow - Microsoft Entra | Microsoft Learn

Redirect URI (reply URL) restrictions - Microsoft Entra | Microsoft Learn

Coming back to the instruction given in the Adobe document for the "CQ Mailer SMTP OAuth2 Provider" configuration, with "AuthCode Redirect Url" pointing to localhost (localhost:4503/services/mailer/oauth2/token), it can be seen that the same URL has been registered in the Azure AD configuration for Redirect URI (step 8 in the Adobe document). So, after authorization, the user will be redirected to this URL for further processing in the flow at the AEM end.
In order to resolve this URL at AEM, it needs to be internally redirected to the respective service (i.e. /services/mailer/oauth2/token) in AEM (please refer to "How to use internal redirects in AEM? - MagmaLabs Blog") if not already available; otherwise, instead of localhost, a URL externally accessible to the network needs to be configured at Azure AD and AEM.

Hope this helps.
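
As an added example (not part of the original thread and not Adobe's or Microsoft's code), the following pre-flight check compares an AEM "AuthCode Redirect Url" value with the redirect URIs registered in Azure AD. It assumes the rules in the Microsoft redirect URI restrictions document linked above (https required except for loopback hosts) and a strict string match; `check_redirect`, the finding codes and `author.example.com` are hypothetical names.

```python
from urllib.parse import urlsplit

LOOPBACK = {"localhost", "127.0.0.1"}
CALLBACK_PATH = "/services/mailer/oauth2/token"  # servlet path quoted in this thread

MESSAGES = {
    "not-absolute": "value is not an absolute http(s) URL",
    "wrong-path": "path differs from " + CALLBACK_PATH,
    "http-non-loopback": "plain http on a non-loopback host (assumed rejected by Azure AD)",
    "loopback-remote": "loopback host only resolves in a browser running on the AEM host",
    "not-registered": "no exact match among the registered redirect URIs (strict check, an assumption)",
}

def check_redirect(aem_url, azure_registered, browser_on_aem_host):
    """Return finding codes for one AEM 'AuthCode Redirect Url' value.

    azure_registered: redirect URIs copied from the Azure AD app registration.
    browser_on_aem_host: True if the admin's browser runs on the AEM machine.
    """
    parts = urlsplit(aem_url)
    host = (parts.hostname or "").lower()
    if parts.scheme not in ("http", "https") or not host:
        return ["not-absolute"]
    findings = []
    if parts.path != CALLBACK_PATH:
        findings.append("wrong-path")
    if parts.scheme == "http" and host not in LOOPBACK:
        findings.append("http-non-loopback")
    # The browser follows the redirect, so "localhost" means the browser's machine.
    if host in LOOPBACK and not browser_on_aem_host:
        findings.append("loopback-remote")
    if aem_url not in azure_registered:
        findings.append("not-registered")
    return findings

if __name__ == "__main__":
    # Constructed sample values; author.example.com is a placeholder host.
    registered = ["http://localhost:4503" + CALLBACK_PATH]
    samples = [
        ("http://localhost:4503" + CALLBACK_PATH, True),
        ("http://localhost:4502" + CALLBACK_PATH, True),
        ("https://author.example.com" + CALLBACK_PATH, False),
    ]
    for url, local_browser in samples:
        codes = check_redirect(url, registered, local_browser)
        print(url, "->", "OK" if not codes else "; ".join(MESSAGES[c] for c in codes))
```

An empty result means the AEM value and the Azure AD registration agree under these assumptions; any finding points to the setting that has to change on one side or the other.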