--- title: Configuring an SMTP Notification Publisher instance description: Set up an instance of the SMTP Notification Publisher for PingFederate to notify administrators and end users about various events. You can configure multiple instances, each with different settings as needed. component: pingfederate version: 13.1 page_id: pingfederate:administrators_reference_guide:help_notificationsendermanagementstate_configureauthnadapterstate_smtp canonical_url: https://docs.pingidentity.com/pingfederate/13.1/administrators_reference_guide/help_notificationsendermanagementstate_configureauthnadapterstate_smtp.html llms_txt: https://docs.pingidentity.com/pingfederate/llms.txt docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md revdate: March 11, 2026 section_ids: steps: Steps next-steps: Next steps --- # Configuring an SMTP Notification Publisher instance Set up an instance of the SMTP Notification Publisher for PingFederate to notify administrators and end users about various events. You can configure multiple instances, each with different settings as needed. ## Steps 1. On the **Instance Configuration** tab, provide the required information or update any default or previously configured setting values. For more information about each field, refer to the following table: | Field | Description | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **From Address** (required) | The email address that appears in the "From" header line in email messages generated by PingFederate. The address needs a valid format but doesn't need to be set up on your system. | | **Sender Name** | The sender name displayed in email messages generated by PingFederate.Sender name can't exceed 256 characters. | | **Email Server** (required) | The IP address or host name of your email server. | | **SMTP Port** | The SMTP port on your email server.The default value is `25`. | | **Encryption Method** | Select **SSL/TLS** to establish a secure connection to the email server at the SMTPS port.Select **STARTTLS** to establish an unencrypted connection to the email server at the SMTP port and initiate a secure channel afterward.Select **None**, the default value, to establish an unencrypted connection to the email server at the SMTP port. | | **SMTPS Port** | The secure SMTP port on your email server. Only applicable if you select **SSL/TLS** as the chosen encryption method.The default value is `465`. | | **Verify Hostname** | Indicates whether to verify the host name of the email server matches the `Subject (CN)` or one of the `Subject Alternative Names` from the certificate. Only applicable if you select **SSL/TLS** or **STARTTLS** as the chosen encryption method.This checkbox is selected by default. | | **UTF-8 Message Header Support** | Indicates whether the email server supports UTF-8 encoding in message headers; for example, in the recipient email address. Enable this option only if your email server supports this feature.With this option enabled, PingFederate supports UTF-8 characters in the sender and recipient email addresses. It doesn't support emojis in the domain portion of the email address. | | **Authentication Method** | The method used to authenticate the SMTP server. Depending on which method you select, you will have to complete different fields on this form. If you select **None**, you can skip down to **Test Address**. | | **Basic Authentication** Microsoft Exchange Online will deprecate basic authentication beginning in late 2026. Learn more in Updated Exchange Online SMTP AUTH Basic Authentication Deprecation Timeline in the Microsoft community site. | | | **Username** | The username for the SMTP server. | | **Password** | The password for the SMTP server. | | **OAuth 2.0 Bearer Token** | | | **OAuth Authentication Method** | The method for obtaining an OAuth access token. For either method, you must configure **OAuth Token Endpoint**, **OAuth Scope**, and **Client ID**. Other fields will depend on the method you select. | | **OAuth Token Endpoint** | The URL for the OAuth token endpoint | | **OAuth Scope** (Optional) | The authorization scopes requested from the OAuth endpoint. Separate multiple scopes with spaces. | | **Client ID** | The ID of the client created for authentication. | | If you selected **Client Credentials**, configure one of the following fields: | | | **Client Secret** | The secret associated with the client ID. | | **Client Secret Reference** | The secret reference for the client when using a configured secret manager. The format is `OBF:MGR:{secretManagerId}:{secretId}`. Learn more in [Secret managers](pf_secret_managers.html). | | If you selected **Private Key JWT**, configure the following fields: | | | **Use Centralized Signing Key** | Select this option to use a centralized key when signing JWTs using an RSA-based or EC-based algorithm. | | **JWT Signing Key** | Select a signing key in the list to use for creating JWT client assertions. Used only when **Use Centralized Signing Key** is cleared. | | **JWT Signing Algorithm** | Select a signing algorithm in the list to use for creating JWT client assertions. Used only when **Use Centralized Signing Key** is cleared. This is also required when **Use Centralized Signing Key** is selected. | | **JWT Audience** | The audience claim for the JWT assertion. The issuer identifier of the authorization server is the recommended value. | | **JWT Lifetime** | The lifetime in minutes of the JWT client assertion. Maximum value is `1440`. Default value is `5`. | | **JWT Type Header** | The type header value value for the JWT client assertion. Check the provider schema for recommended value. | | **Test Address** | Enter an email address PingFederate should use to verify connectivity with the configured email server. | | Click **Show Advanced Fields** to review the following settings. Modify as needed. | | | **Connection Timeout** | The amount of time in seconds that PingFederate waits before it times out connecting to the SMTP server.The default value is `30`. | | **Enable SMTP Debugging Messages** | Turns on detailed error messages for the PingFederate server log to help troubleshoot SMTP issues. This setting is disabled by default. When enabled, PingFederate logs email messages, which can contain sensitive information, to the server log. Consider enabling debug messages solely for troubleshooting purposes and disabling this option when debug messages are no longer required. | 2. Click **Next**. ## Next steps You can modify email-notification template files to suit the particular branding requirements. Learn more in [Customizable email notifications](pf_customiz_email_notificat.html).