Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
UPDATE 2023-02-17: Feature request for tSendMail + Exchange Auth: https://feedbackportal.microsoft.com/feedback/idea/c343ff42-a6ae-ed11-a81b-000d3a0450e3
Hello,
I'd like to provide an official update to this question / thread.
Microsoft is going to deprecate basic Auth (announcement , feedback) in the beginning of this October. This is done as Basic Auth is considered insecure. Talend mail components only support Basic Authentication, and while some providers provide Application passwords this functionality (feedback/feature request) is not available for Microsoft.
tSendMail
Talend jobs and components should be considered a daemon/service like application. For this it’s essential that there’s a non-interactive option for authentication. Microsoft recently made available Client Credential Flow support (announcement) for POP/IMAP. With this functionality it become possible to read e-mails. However in order to send e-mails one would traditionally rely on the SMTP protocol. As of the middle of September 2022 there’s still no support for SMTP with Client Credential flow.
This means that starting from October Microsoft will seemingly disable Basic authentication without providing a proper secure solution that can be used from daemon/service like applications. (No Non-interactive flow for SMTP , Confirmation from Microsoft Exchange team member )
The tSendMail component uses SMTP protocol and won't be affected by this change of Microsoft.
UPDATE 2022-10-06: To our current knowledge there's no non-interactive flow available for the SMTP protocol. This means that the same Microsoft Exchange auth type that is available for tPOP won't work with SendMail hence it wasn't added. In case there'll be a flow that can be used to generate tokens the token can be passed via the OAuth2 auth type as an Access Token. It might be necessary to enable 2 line auth under the Advanced settings.
It is also possible to add more dropdown options to make the token generation easier but these options need to support scheduled task executions where human interaction is not possible.
tPOP
The tPOP component uses POP / IMAP and will be impacted. Both of these components got their Authentication options modified and now have Oauth access token available next to the Basic Auth. If a token is presented the component can send/read e-mails. Such token can be generated via routines / external applications. This was introduced with Talend 8 R2022-08 and 7.3.1 R2022-09 releases. This should be a universal solution that can be used with any e-mail provider, and Oauth workflow.
Due to high demand we’ve also added support for Client Credential Flow in the tPOP component available as Microsoft Exchange auth. This will make the component to negotiate / retrieve an access token using the Microsoft Secure Authentication Library (MSAL). This was/going to be introduced Talend 7.3.1 R2022-09 and 8 R2022-09 releases. The necessary configuration steps can be found here: https://help.talend.com/r/en-US/8.0/pop/registering-microsoft-azure-application-for-pop-imap
Under the Advanced settings you can specify Custom properties. Adding the following entries will generate more logs about the debug steps. This will include the token value generated during the process.
"mail.debug" "true"
"mail.debug.auth" "true"
I hope this can be accepted as an answer to this question.
Regards,
Balázs
