Solved

Correct Process to migrate from Basic Auth to OATH2

  • 24 August 2022
  • 6 replies
  • 151 views

Userlevel 3
Badge +7

Just seeing if anyone else has successfully migrated from basic auth (for their email support channel) to OAUTH2 for Microsoft accounts?

We have the banner along the top indicating of the change, however the steps provided to me do not make sense. (https://support.freshservice.com/en/support/solutions/articles/50000004192-deprecation-of-password-based-authentication-for-google-microsoft-email).

 

We access Freshservice/Freshworks via SSO. When I go to an email support channel (we have 6) and click ‘Migrate Now’,  and click on ‘Sign in with Microsoft’ it brings up the authentication page, which obviously is using MY account (as i’m logged into FS via SSO - AND I happen to be an exchange admin). If I then click the Accept button, the Email Support channel Incoming and Outgoing mail server changes to MY email.

 

As the Support Channel mailboxes themselves are just mailboxes, they are NOT an agent on Freshservice, neither are they Exchange Admins. So how do I change a support channel email to OAUTH without it changing to my email (or another exchange admins email) AND Freshservice knows which mailbox to check for tickets?

 

icon

Best answer by martin.j 30 August 2022, 08:17

View original

6 replies

Userlevel 6
Badge +10

Hello, 

 

If I remember correct when you get the login prompt you have the option to select another user. You change to the e-mail of the mail box that is configured in Freshservice.  

 

KR

Daniel 

Userlevel 3
Badge +7

Thanks. I’m attempting that, but when I click ‘Use another account’ it just refreshes the page back to my email address...

Userlevel 6
Badge +10

Thanks. I’m attempting that, but when I click ‘Use another account’ it just refreshes the page back to my email address...

Okay, you can still login with your e-mail if you have access to the mailbox with your account. 
But have you tried running the web browser in incognito/inPrivate. Could be your SSO if you have set that up and incognito usually fools it. 
 

Userlevel 3
Badge +7

Yeah I just spoke to 2nd line support. As we use SSO with Freshworks, I had to open an InPrivate Window > Then log into FreshWORKS using the SSO bypass URL > then I could go to each Email channel mailbox and log in using the relevant account.

 

I have asked that Support update their guides to indicate how to perform the process when using SSO

Badge

So are you not using shared mailboxes, then?  This will authenticate me for my shared mailbox (helpdesk address), but it uses my email as the SMTP address in a “send as” fashion - thus all of the sent mail from the helpdesk box show up in my own sent mailbox.

I will probably just create a service account with an exchange online-only license and authenticate with that, but wondering if anyone has any better suggestions or am I just completely doing this wrong.

(I am new to FS and we are still in implementation)

Userlevel 3
Badge +7

@jfwilson - no, definitely use Shared mailboxes! My issue was that we used Shared Mailboxes, but when trying to change to Oauth2, it would try and login using MY mailbox (which is what it sounds like is happening to you).

The fix, was needing to open FService/works in an InPrivate window and ensure logging in (with the shared mailbox login details) using the NON SSO link.

Reply