OAUTH access for TopView with Microsoft 365
This article provides information on setting up access to email for TopView through a Microsoft 365 system.
TopView can leverage "Modern Authentication", or OAUTH, access to Microsoft 365 email systems. To facilitate access, TopView requires an account authorized to send email.
Scopes
To send/receive email, TopView must be authorized to access these resources. This is managed by granting TopView permissions through scopes in Azure Active Directory.
Here are the required scopes for TopView access and their justifications:
- https://outlook.office.com/IMAP.AccessAsUser.All - Provides IMAP access to TopView, used to check the email inbox
- https://outlook.office.com/SMTP.Send - Provides SMTP access to TopView, used to send email notifications
- offline_access - Allows TopView to request refresh tokens without user presence/interaction. This is necessary because we recommend running TopView as a Windows Service which does not allow user interactions.
Microsoft OAuth Client credentials flow for email access
TopView can leverage the Client Credentials flow which allows access to your corporate email via Microsoft Entra application instead of using the public MS365 API. The credentials supplied are a certificate or app secret generated within your application.
The tenant and client information, as well as the generated credentials should be input into TopView Configurator's "Microsoft - Organization" sections of outgoing and incoming email settings.
Related Articles
Use Gmail for TopView email notification
The following information provides details on using Gmail with TopView for both outgoing email (Notification) and incoming email (Alarm Acknowledge and information requests). Google offers free Gmail accounts. They include the use of Gmail's outgoing ...
Error 1606 Could not access network location
Background This Windows Installer error can occur during a TopView upgrade or uninstall if a location/device specified during a previous TopView installation is no longer accessible. How this can occur: The TopView DataPath entered during the most ...
Keeping TopView healthy
Like all software, TopView is running in an environment that is under constant change. OS updates, protocol versions updates, email authentication deprecations, and other things can affect the health of your TopView system. Even systems off the ...
Email failures with Google due to "invalid_grant" with "Token has been expired or revoked."
If TopView is configured to email notifications with Google, you may receive email failures with an "invalid_grant" error message. The error may carry the description: "Token has been expired or revoked." This can have a few causes: The token got ...
Ports used during TopView operation
TopView can utilize a number of ports to perform its job, configure your firewall to allow communication over the following ports: Data source related ports OPC requires the use of DCOM, which is negotiated over port 135 TCP. The client and server ...