# Set up Oauth 2.0
Recently Google and Microsoft changed their authentication method to send e-mails
With both you can either use the OAuth (method 2) authentification or the user/password (method 1), but note that the user/password and not the credentials you use to connect to your mailbox but application password that need to be created.
### Gmail
First make sure to be admin on your Google account, then follow these steps to generate your credentials:
* Go to the [Google cloud console](https://console.cloud.google.com/) dashboard and select a project (or create a new one)
* Go to **APIs and services** => **Library**, search for **Gmail API** and enable it
* On the overview page, click the **Create credentials** button (if this is not available, go to the **APIs and services** => **Credentials** menu and select "Create credentials" then "Help me choose". Select the Gmail API).
* You can skip the scope section by clicking the **Save and continue** button
* Select **Web application**, then in the **Authorised redirect URIs** section, add the **Redirect URL** that is shown in your AcyMailing configuration page.\
Note that it may differ if your administration URL has been customised:\
\- for Joomla websites\
\- for WordPress websites
{% hint style="warning" %}
The trailing slash is important, please make sure the redirect URI you enter is exactly the same as shown in your AcyMailing configuration otherwise Google will refuse the connection.
{% endhint %}
* Go to **OAuth consent screen**, then to **Audience** and make sure your app is "**External**".\
If you need to switch it from "**Internal**" to "**External**", select the "**In production**" option in the popup.
* You can then either **publish your app**, or add your email address as a test user. We will use the first method in this example to have permanent credentials. Note that Google can have already set your app in production, in which case you can skip this step.
* Go to the **Clients** menu then click the pencil to reveal your credentials
* Copy your **Client ID** and **Client secret** then paste them in your AcyMailing configuration, then configure the connection to your mailbox.
{% tabs %}
{% tab title="SMTP connection (sending emails)" %}
Select the **Google** sending method, then fill in the required information. The username is typically your email address:
* **Username**: your email address
* **Client id**: the Client ID you copied
* **Client secret**: the Client secret key you copied
{% endtab %}
{% tab title="IMAP connection (bounce messages)" %}
The typical configuration for a connection with a Gmail account uses the following values:
* **Bounce email address**: your email address
* **Server**: imap.gmail.com
* **Username**: your email address
* **Client id**: the Client ID you copied
* **Client secret**: the Client secret key you copied
{% endtab %}
{% endtabs %}
* Once the fields are set, click the Authenticate button then select your Google account
* Google will show a warning because your app hasn't been verified. This is normal, you can click the **Advanced** link at the bottom-left, then **Go to example.com (unsafe)** to be redirected to the consent screen.
* Finally, click the **Continue** button to allow your app to connect to your email address
You should then be redirected to your website and a confirmation should be shown if everything worked correctly:
### Outlook
* Sign in to the [Azure portal](https://entra.microsoft.com/#home)
* Search for **App registrations** and select it, then create a **New registration**
* You can name it how you prefer
* Select **Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)**
* In the **Redirect URI** part, select **Web** then copy and paste the **Redirect URL** shown in your AcyMailing configuration (usually your website's admin URL)
* Click the **Register** button to confirm the creation
* Copy the **Application (client) ID**, it is the first part of your credentials so you will need to copy it in your AcyMailing configuration. You can always find it under the **Overview** menu.
* You can now create the second par of your credentials, visit the **Certificates & secrets** menu and click the **New client secret** button
* You will be able to choose when these credentials expire (from 6 months to 24 months). Note that you will need to create new credentials here once they expire, and add them into AcyMailing again.
* Click the **Add** button
* Copy the value on the next page, this is your Client secret. It is shown only once, if you didn't copy it you can always create a new one.
* Your credentials are ready, you can now add them in the AcyMailing configuration:
{% tabs %}
{% tab title="SMTP connection (sending emails)" %}
Before adding your information in AcyMailing, you will need to add some permissions to your Microsoft app:
* Go to **API Permissions**
* Click on **Add a permission**
* Select **Microsoft Graph**
* Select **Delegated permissions**
* Search for **SMTP** and select **SMTP.Send**
* Search for **offline** and select **offline\_access**
In the AcyMailing configuration, select the **Outlook** sending method then fill in the required information. The username is typically your email address:
* **Username**: your email address
* **Tenant**: In most cases, you can select **Any account type**
* **Client id**: the Application ID you copied
* **Client secret**: the Client secret value you copied
{% endtab %}
{% tab title="IMAP connection (bounce messages)" %}
Before adding your information in AcyMailing, you will need to add some permissions to your Microsoft app:
* Go to **API Permissions**
* Click on **Add a permission**
* Select **Microsoft Graph**
* Select **Delegated permissions**
* Search for **IMAP** and select **IMAP.AccessAsUser.All**
* Search for **offline** and select **offline\_access**
You should have the following permissions configured:
If you have a personal email address, you will also need to authorise the IMAP connection by your app in your mailbox settings:
The typical configuration for a connection with a Microsoft account uses the following values:
* **Bounce email address**: your email address
* **Server**: outlook.office365.com
* **Username**: your email address
* **Tenant**: In most cases, you can select **Any account type**
* **Client id**: the Client ID you copied
* **Client secret**: the Client secret key you copied
{% endtab %}
{% endtabs %}
* Once the fields are set, click the **Authenticate** button. You will be redirected to the Microsoft account selection.
* On the next page, click the **Accept** button
* Once done, you should be redirected to your website with a confirmation message:
