By default, ReportMagic will use its own email address to send you emails. However, you can configure ReportMagic to send emails from an email account that you own.

Method 1: Authenticating with Username and Password (Traditional SMTP)

This is the standard method for authenticating with an SMTP server that uses basic authentication.

1. From the Admin menu, click Connections.
2. Click the Create button.
3. From the Type drop-down, select a Connection type of SMTP.
4. Enter a name - we recommend that you use "Default" for the name of the first connection of each type, and optionally a description.
5. In the URL field, enter hostname:port (for example "smtp.outlook.com:587" for Office 365).
6. In the User name field, enter your username.
7. In the Password field, enter your password.
8. In the Configuration field, enter JSON in the form:

   {
       "UseSsl" : true,
       "FromDisplayName" : "ACME Reporting",
       "FromAddress" : "reports@acme.com"
   }
   

Method 2: Authenticating with OAuth2 (Client Credentials Grant for Microsoft 365/Azure)

ReportMagic supports OAuth2 for SMTP connections specifically using the Client Credentials grant flow. This method is suitable for server-to-server authentication where ReportMagic needs to access a protected resource (sending emails) without a user present, and it requires registering an application in your email provider's identity system (e.g., Azure Active Directory for Microsoft 365).

Important Note: The Client Credentials grant flow is primarily supported by Microsoft (Azure Active Directory) for service-to-service communication. Google (Gmail) does not support the Client Credentials grant flow for sending emails via SMTP or their APIs. Therefore, ReportMagic's OAuth2 SMTP capability is currently limited to Microsoft 365/Azure environments.

1. From the Admin menu, click Connections.
2. Click the Create button.
3. From the Type drop-down, select a Connection type of SMTP.
4. Enter a name - we recommend that you use "Default" for the name of the first connection of each type, and optionally a description.
5. In the URL field, enter hostname:port (for example "smtp.outlook.com:587" for Office 365).
6. In the User name field, enter the email address that the application is configured to send emails from (e.g., reports@yourcompany.com). This address should be configured in Azure AD to allow the service principal to send on its behalf.
7. In the Password field, enter the Client Secret obtained from your application registration in Azure Active Directory.
8. In the Configuration field, enter JSON in the form:

   {
     "UseSsl" : true,
     "FromDisplayName" : "ACME Reporting",
     "FromAddress" : "reports@acme.com",
     "GrantType":"ClientCredentials",
     "AuthType":"OAuth2",
     "ClientID": "YOUR_CLIENT_ID",
     "Scope":"https://outlook.office365.com/.default",
     "TokenUrl":"https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/token",
     "ClientAuthType":"SendClientCredentialsInBody"
   }
   

Explanation of Configuration fields for OAuth2 (Client Credentials):

• "UseSsl": Set to true if your SMTP server requires SSL/TLS encryption. Most modern email servers do.
• "FromDisplayName": The name that will appear as the sender of the email (e.g., "ACME Reporting").
• "FromAddress": The email address that will appear as the sender of the email (e.g., "reports@acme.com").
• "GrantType": Must be set to "ClientCredentials".
• "AuthType": Must be set to "OAuth2".
• "ClientID": This is the Application (client) ID obtained from your application registration in Azure Active Directory.
• "Scope": The permissions ReportMagic requires. For Microsoft 365, https://outlook.office365.com/.default is a common scope for sending mail on behalf of the application itself.
• "TokenUrl": The OAuth2 token endpoint for your Microsoft 365 tenant. The YOUR_TENANT_ID will be your Azure AD Tenant ID (Directory ID).
• "ClientAuthType": Specifies how the client credentials (ClientID and ClientSecret) are sent to the token endpoint. "SendClientCredentialsInBody" means they are sent in the request body.

Reference: For detailed instructions on how to set up the Azure AD application and obtain the necessary credentials for Client Credentials grant flow for SMTP, please refer to the Microsoft documentation: https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#use-client-credentials-grant-flow-to-authenticate-smtp-imap-and-pop-connections

Important Notes (applicable to both methods):

• Some systems require that the FromDisplayName is exactly as per the user's display name.
• ReportMagic does not process incoming email.
• We recommend setting up a dedicated account (e.g., reports@company.com) with an auto-reply to indicate to anyone that replies that emails to this account are not read. The account should be set up with a secure password that does not expire. If non-expiry is not an option, you will be responsible for rotating credentials in ReportMagic. For OAuth2, if your application secrets expire or are revoked, you will need to update them in ReportMagic.