Email provider configuration reference

Properties

Property Description Required? /
Type Support

Property	Description	Required? / Type Support
`type`	The email service type, `smtp` or `msgraph`. When no type is specified, the default value is `smtp`.	No
`mailEndpoint`	The URI for the MS Graph API `sendMail` endpoint. Typical format: `https://graph.microsoft.com/v1.0/users/{user}@{tenant}.onmicrosoft.com/sendMail`	Yes Only for `msgraph` type.
`host`	The hostname or IP address of the SMTP server.	Yes Only for `smtp` type.
`port`	SMTP server port number, such as 25, 465, or 587. Many SMTP servers require the use of a secure port such as 465 or 587. Many ISPs flag email from port 25 as spam.	Yes Only for `smtp` type.
`debug`	When set to `true`, this option outputs diagnostic messages from the JavaMail library. Debug mode can be useful if you’re having difficulty configuring the external email endpoint with your email server.	No Only for `smtp` type.
`from`	Specifies a default From: address which displays when users receive emails from Advanced Identity Cloud. Although `from` is optional in the email configuration, the email service requires this property to send email. If you don’t specify a `from` address in the email configuration, you must provide one in another way, for example: From an email template. As a parameter in the email service request (`from` or `_from`).	No
`auth`	Contains authentication detail sub-properties. Learn more about authentication sub-properties.	Yes Required sub-properties vary based on `type`.
`starttls`	If `"enable" : true`, enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection before issuing any login commands. If the server doesn’t support STARTTLS, the connection continues without the use of TLS.	No Only for `smtp` type.
`ssl`	Set `"enable" : true` to use SSL to connect, and use the SSL port by default.	No Only for `smtp` type.
`smtpProperties`	SMTP options. Learn more about SMTP sub-properties.	No Only for `smtp` type.
`threadPoolSize`	Emails are sent in separate threads managed by a thread pool. This property sets the number of concurrent emails that can be handled at a specific time. The default thread pool size (if none is specified) is `20`.	No
`connectiontimeout`	The socket connection timeout, in milliseconds. The default connection timeout (if none is specified) is `300000` milliseconds, or five minutes. A setting of 0 disables this timeout.	No
`timeout`	The socket read timeout, in milliseconds. The default read timeout (if none is specified) is `300000` milliseconds, or five minutes. A setting of 0 disables this timeout.	No Only for `smtp` type.
`writetimeout`	The socket write timeout, in milliseconds. The default write timeout (if none is specified) is `300000` milliseconds, or five minutes. A setting of 0 disables this timeout.	No Only for `smtp` type.

type

The email service type, smtp or msgraph. When no type is specified, the default value is smtp.

mailEndpoint

The URI for the MS Graph API sendMail endpoint.

Typical format:

https://graph.microsoft.com/v1.0/users/{user}@{tenant}.onmicrosoft.com/sendMail

Yes

Only for msgraph type.

host

The hostname or IP address of the SMTP server.

Yes

Only for smtp type.

port

SMTP server port number, such as 25, 465, or 587.

Many SMTP servers require the use of a secure port such as 465 or 587. Many ISPs flag email from port 25 as spam.

Yes

Only for smtp type.

debug

When set to true, this option outputs diagnostic messages from the JavaMail library. Debug mode can be useful if you’re having difficulty configuring the external email endpoint with your email server.

Only for smtp type.

from

Specifies a default From: address which displays when users receive emails from Advanced Identity Cloud.

Although from is optional in the email configuration, the email service requires this property to send email. If you don’t specify a from address in the email configuration, you must provide one in another way, for example:

From an email template.
As a parameter in the email service request (from or _from).

auth

Contains authentication detail sub-properties. Learn more about authentication sub-properties.

Yes

Required sub-properties vary based on type.

starttls

If "enable" : true, enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection before issuing any login commands. If the server doesn’t support STARTTLS, the connection continues without the use of TLS.

Only for smtp type.

ssl

Set "enable" : true to use SSL to connect, and use the SSL port by default.

Only for smtp type.

smtpProperties

SMTP options. Learn more about SMTP sub-properties.

Only for smtp type.

threadPoolSize

Emails are sent in separate threads managed by a thread pool. This property sets the number of concurrent emails that can be handled at a specific time. The default thread pool size (if none is specified) is 20.

connectiontimeout

The socket connection timeout, in milliseconds. The default connection timeout (if none is specified) is 300000 milliseconds, or five minutes. A setting of 0 disables this timeout.

timeout

The socket read timeout, in milliseconds. The default read timeout (if none is specified) is 300000 milliseconds, or five minutes. A setting of 0 disables this timeout.

Only for smtp type.

writetimeout

The socket write timeout, in milliseconds. The default write timeout (if none is specified) is 300000 milliseconds, or five minutes. A setting of 0 disables this timeout.

Only for smtp type.

The msgraph type also supports the External REST configuration properties.

`auth` sub-properties

Property Description Required? /
Type Support

Property	Description	Required? / Type Support
`enable`	Whether you need login credentials to connect to the server/API. If `"enable" : false,`, you can leave the entries for `"username"` and `"password"` empty: `"enable" : false, "username" : "", "password" : ""`	Yes
`username`	Account used to connect to the server/API.	No
`password`	Password used to connect to the server/API.	No
`type`	Authentication type used to connect to the server/API: `basic`—basic authentication using a username and password. Default value. `oauth2`—OAuth2 authentication. Requires additional `oauth2` properties. The `msgraph` configuration type only supports `oauth2`.	Yes

enable

Whether you need login credentials to connect to the server/API.

If "enable" : false,, you can leave the entries for "username" and "password" empty:

"enable" : false,
"username" : "",
"password" : ""

Yes

username

Account used to connect to the server/API.

password

Password used to connect to the server/API.

type

Authentication type used to connect to the server/API:

basic—basic authentication using a username and password. Default value.
oauth2—OAuth2 authentication. Requires additional oauth2 properties. The msgraph configuration type only supports oauth2.

Yes

`oauth2` properties

Property Description Required? /
Type Support

Property	Description	Required? / Type Support
The following properties are only applicable when the `auth/type` is `oauth2`.
`clientId`	Client ID used to request an access token from the token endpoint. Obtained during Azure application creation.	Yes
`clientSecret`	Client secret used to request an access token from the token endpoint. Obtained during Azure application creation.	Yes
`tokenEndpoint`	OAuth2 token endpoint. Typical format: `https://login.microsoftonline.com/{tenant}.onmicrosoft.com/oauth2/v2.0/token`	Yes
`scope`	Requested OAuth2 scopes in a JSON array of strings.	Yes
`scopeDelimiter`	Scope delimiter to use. Defaults to space.	No
`grantType`	The only supported grant type is `client_credentials`.	No

The following properties are only applicable when the auth/type is oauth2.

clientId

Client ID used to request an access token from the token endpoint. Obtained during Azure application creation.

Yes

clientSecret

Client secret used to request an access token from the token endpoint. Obtained during Azure application creation.

Yes

tokenEndpoint

OAuth2 token endpoint.

Typical format:

https://login.microsoftonline.com/{tenant}.onmicrosoft.com/oauth2/v2.0/token

Yes

scope

Requested OAuth2 scopes in a JSON array of strings.

Yes

scopeDelimiter

Scope delimiter to use. Defaults to space.

grantType

The only supported grant type is client_credentials.

`smtpProperties` sub-properties

Property Description Required? /
Type Support

mail.smtp.ssl.protocols

The enabled SMTP SSL connection protocols. Protocols are specified as a whitespace-separated list. The default protocol is TLSv1.2.

Only for smtp type.

mail.smtps.ssl.protocols

The enabled SMTPS SSL connection protocols. Protocols are specified as a whitespace-separated list. The default protocol is TLSv1.2.

Only for smtp type.

mail.mime.allowutf8

Adds support for UTF-8 (Non-ASCII) characters in the local part of email addresses (everything before the @ character) if set to true.

Do not set this property unless your SMTP provider supports UTF-8 characters. Learn more in International email addresses.

Only for smtp type.

PingOne Advanced Identity Cloud

Email provider configuration reference

Properties

auth sub-properties

oauth2 properties

smtpProperties sub-properties

`auth` sub-properties

`oauth2` properties

`smtpProperties` sub-properties