Email

Email

Overview

The platform supports custom email integrations, which allows you to leverage your own email system for sending and receiving emails.

Configuring custom email

By default, all emails sent and received via the platform are routed through the platform's email server.

To reduce the chance of your emails being flagged as spam, it's better that all emails sent and received through the platform are routed through your own organization's email server.

  1. First, create an email account for your organization that will be used specifically for email integration with the platform.
    1. It is recommended to name this account "messages". For example, if your organization's domain is myorganization.com, create an account called messages@myorganization.com for the integration.
    2. The email used for the email integration should not be a personal email address or used for any other communication as the platform can delete emails in that account as part of the email syncing process.
    3. Additionally, contact your email provider to learn about any email volume limitations to prevent overloading when sending large numbers of emails.

To begin configuring custom email, you must first install the Custom email app. To install the app:

  1. Click Admin from the primary navigation menu.
  2. Click App center from the fly-out menu.
  3. Install the Custom email app in the Email section.
  4. After installing the app, click the Configure Configure icon icon on the Custom email tile. 
Admin, App center, Email section with the Custom email app highlighted

The email Configure page displays.
  1. Select your email provider.
Admin, Email, Configure tab with a list of email providers

Configuration settings display for Outgoing emails and Incoming emails.
  1. Complete the form based on your email system. Additional information about the fields below:
    1. User: The user name of the email account without the domain. In this example, it would be "messages".
    2. Password: The password for the email account.
    3. Domain: The domain of the email account.
    4. SMTP server: The address of your SMTP server.
    5. SMTP port: The port of your SMTP server.
    6. SMTP authentication: The kind of authentication your SMTP server requires.
    7. Use TLS for SMTP?: Enable if your SMTP server requires TLS.
    8. POP3 server: The address of your POP3 server.
    9. POP3 port: The port of your POP3 server.
    10. POP3 polling: The number of minutes for your POP3 polling.
  2. Click Save.

The Configure page now displays your settings.  
  1. Click Send test message to test your configuration settings. This will send an email via your SMTP server. If the configuration is correct, the message will be sent to your email account within a few seconds.
  2. Click Edit if you would like to edit your email integration settings.
  3. Click Disable to disable your email integration settings.
Admin, Email, Configure tab, Saved configuration settings

AWS-SES integration 

The AWS-SES integration allows you to use AWS-SES to send emails, and a POP3 server to receive emails. 

To set up an AWS-SES email integration:
  1. Click Admin from the primary navigation menu.
  2. Click Email from the fly-out menu.
  3. Click the Configure tab.
  4. Click AWS-SES.

The AWS-SES configuration settings display.

Some helpful information to complete the Outgoing emails section:
  1. Delivery method: Choose between AWS-SES and SMTP delivery methods.
    1. If you select AWS-SES as the Delivery method, the From email field will appear in the form. The address entered in this field is used to set the "from address" in the sent emails. The email address used in this field has to be verified in your AWS account.
    2. Click here to learn more about verifying email addresses.
  2. Information about SMTP credentials such as User and Password for AWS-SES can be found here.
  3. Domain: The domain defaults to amazonaws.com.
  4. SMTP server: The SMTP server defaults to email-smtp.us-east-1.amazonaws.com or equivalent depending on the region of your AWS account.

Admin, Email, Configure tab, AWS-SES configuration page

In the Incoming emails section, the Different POP3 account? option is selected by default. 
  1. Complete the Incoming emails section with your POP3 email retrieval protocol information.
  2. Click Save.


Microsoft 365 email integration

Enabling SMTP

To integrate with Microsoft 365, you must first enable SMTP to send emails from your Microsoft 365 account. 
  1. To enable SMTP with Microsoft 365, please follow the directions provided here.

Configuring Email

Once SMTP is enabled with your Microsoft 365 account, you can set up the integration:

  1. Click Admin from the primary navigation menu.
  2. Click Email from the fly-out menu.
Admin fly-out menu with Email highlighted

The Email page displays.

  1. Click the Configure tab.
  2. Click Office 365.
Admin, Email, Configure tab with Office365 highlighted

In the Outgoing emails section, enter your Office 365 account credentials:

  1. User: The user name before @yourOfficeDomain.com.
  2. Password: Your Microsoft account password.
  3. Domain: yourdomain.com.
Admin, Email, Configure settings, Outgoing emails section with the User, Password, and Domain fields highlighted

Scroll to the bottom of the page:

  1. Click Save.
Save button highlighted

After saving your credentials:

  1. Click Edit on the Configure tab.
Admin, Email, Configure tab, Saved configuration settings with the Edit button highlighted

In the Incoming emails section:

  1. Click Configure OAuth 2.0 for POP3.
Admin, Email, Configure tab, AWS-SES configuration page, Incoming emails section with the Configure OAuth 2.0 for POP3 button highlighted

The Configure authentication page displays.

  1. Keep the Configure authentication page open, as you will need the Redirect URI information when registering the application with Microsoft Entra ID in another browser window or tab.
Admin, Email, Configure authentication page

Microsoft Entra ID

In order to obtain the OAuth 2.0 credentials for incoming email, you have to create an application with Microsoft Entra ID. To create the application:

  1. Log into Microsoft Azure with your Office 365 account credentials.
Microsoft Azure login screen

The Welcome to Azure page displays.

  1. Click View in the Manage Microsoft Entra ID section. 
Welcome to Azure page with the View button highlighted in the Manage Microsoft Entra ID section

In the left menu:

  1. Click App registrations.
Microsoft Entra ID Overview page with App registrations highlighted in the left menu

The App registrations page displays.

  1. Click + New registration.
Microsoft Entra ID, App registrations page with the New registration button highlighted

The Register an application page displays. 

  1. Name: Enter a name for the application. In the example below, the name Test POP3 access is used.
  2. Supported account types: Select Accounts in this organizational directory only - the default setting.
  3. Redirect URI: From the dropdown menu, select Web.
    1. In the URI field, enter the Redirect URI from the Configure authentication page in your platform.
      1. You can find this information on your platform at Admin > Email > Configure > Office365 > Edit > Configure OAuth 2.0 for POP3.
  4. Click Register.
Microsoft Entra ID, App registrations, Register an application page with an example name and Redirect URI entered

On the App registrations page, the application name and details display.

  1. Copy the Application (client) ID and Directory (tenant) ID for future use.
Microsoft Entra ID, App registrations page with a new application listed and the Application (client) ID and Directory (tenant) ID highlighted

From the left navigation menu:

  1. Click Certificates & secrets.
Microsoft Entra ID, App registrations page, left menu with Certificates & secrets highlighted

The Certificates & secrets page displays.

  1. Click + New client secret.
Microsoft Entra ID, App registrations, Application Certificates & secrets page with the New client secret button highlighted in the Client secrets tab

The Add a client secret pop-up displays.

  1. Enter a Description.
  2. Click Add.
Add a client secret pop-up with the Description field highlighted

A Client secret Value and Secret ID are created.

  1. Click the Copy  icon to copy the Value.
    1. The newly created Value is the Client secret, which you will use in the learning platform to authenticate. 
Microsoft Entra ID, App registrations, Application Certificates & secrets page with the Copy button highlighted next to the Value code in the Client secrets tab

Configuration Page

Now that you have a Microsoft Entra ID application and authentication information, you can complete the email configuration.

  1. Return to the Configure authentication screen in your platform. 
Complete the form based on information gathered from the Microsoft Entra ID application. Note that you will need to replace the information in italics below with your specific application information:
  • Authorization URL: https://login.microsoftonline.com/[Directory (tenant) ID]/oauth2/v2.0/authorize
  • Token URL: https://login.microsoftonline.com/[Directory (tenant) ID]/oauth2/v2.0/token
  • Scope: https://outlook.office.com/POP.AccessAsUser.All offline_access
  • Client ID: Application (client) ID.
  • Client secret: The Client secret Value.
  • Click Save.
Admin, Email, Configure authentication page with the Save button highlighted

Next, you will configure OAuth 2.0 POP and authenticate your email credentials. To ensure you are asked to authenticate in a new window, you will need a new session.

Info
It is recommended that you open a new browser window in Incognito mode to create a new session before proceeding with the following steps.
In Incognito or Private mode in a new browser:
  1. Click Admin from the primary navigation menu.
  2. Click Email from the fly-out menu.
  3. Click the Configure tab.
  4. Click Edit.
  5. Click Configure OAuth 2.0 for POP3 in the Incoming Emails section.

Admin, Email, Configure tab, Office365 configuration page, Incoming emails section with the Configure OAuth 2.0 for POP3 button highlighted

The Configure authentication pop-up displays.
  1. Click Get access token.
Admin, Email, Configure authentication page with the Get access token button highlighted

Because you have accessed the page with a new session, you will be prompted to pick an account.

  1. Log in with your Office 365 account (the account used for the integration).
The Microsoft Azure Pick an account pop-up

Accept the requested permissions.

The Microsoft Permissions requested pop-up with the Accept button highlighted

The page refreshes and the access token and expiration date are available. Your Microsoft 365 email has been authenticated.

Gmail email integration

To set up a Gmail email integration, first, ensure you are using App passwords:  
  1. You must use App passwords with Gmail to provide the platform with permission to access your Google account. More information can be found here
    1. Note that in order to use App passwords, you must enable 2-Step Verification on your account. To learn more, visit the 2-Step Verification documentation from Google.
To set up an Gmail email integration:
  1. Click Admin from the primary navigation menu.
  2. Click Email from the fly-out menu.
  3. Click the Configure tab.
  4. Click Google.

The Google configuration settings display.

  1. No changes are needed for the default selections in the Outgoing emails section.
  2. In the Incoming emails section:
    1. POP3 user: Enter your gmail account name (the name before the @).
    2. POP3 domain: Enter gmail.com.
  3. Click Save.
Admin, Email, Google configuration tab, Incoming emails section with the POP3 user and POP3 domain fields highlighted

After saving, you must configure Oath 2.0 for POP3. On the Configure tab:
  1. Click Edit.
Admin, Email, Configure tab, Saved configuration settings with the Edit button highlighted

The edit configuration settings page displays.
  1. Click Configure OAuth2.0 for POP3 in the Incoming emails section.
Admin, Email, Configure tab, Google configuration page, Incoming emails section with the Configure OAuth 2.0 for POP3 button highlighted

The Configure authentication page displays.
  1. Keep the Configure authentication page open, as you will need the Redirect URI information when setting up the application with Gmail in another browser window or tab.
Admin, Email, Configure authentication page with the Redirect URI highlighted

Google Cloud Console

Next, you will set up a new project with Google Cloud Console. To begin:

  1. Log-in to the Gmail account you will be using to set up the integration.
  2. Then, access the Google Cloud Console.
  3. Click Select a project on the top menu.
  4. Click New Project.
  5. Name your new project. In this example, the organization will be named Google POP
  6. Click Create.
  7. Select your new project.
Google Cloud Console, Select a resource pop-up with the New project button highlighted

After selecting the project, enable the Gmail API:
  1. Click the Google Cloud Google Cloud navigation menu icon navigation menu in the upper left corner.
  2. Click APIs & Services.
  3. Click Library.
  4. Click Gmail API.
  5. Click Enable.
Gmail API screen with the Enable button highlighted

Next, you must configure the OAuth consent screen.
  1. Click the Google Cloud Google Cloud navigation menu icon navigation menu in the upper left corner.
  2. Click APIs & Services.
  3. Click OAuth Consent Screen.
  4. Click Get Started.
Google Cloud Console, APIs & Services, OAuth Overview with the Get started button highlighted

The Project configuration page displays.
  1. Create an App name.
  2. Add a User support email, for users that contact you with questions about their consent.
  3. Click Next.
  4. Select External in the Audience section.
  5. Click Next.
  6. Add a Contact email address so Google can notify you about any changes to your project.
  7. Agree to the Google API Services: User Data Policy.
  8. Click Create.
Google Cloud Console, Google Auth Platform, Overview, Project configuration screen, Audience section with External selected

Next, you will create credentials for the project.
  1. Click the Google Cloud Google Cloud navigation menu icon navigation menu in the upper left corner.
  2. Click APIs & Services.
  3. Click Credentials.
  4. Click Create credentials.
  5. Click OAuth client ID from the drop-down menu.
Google Cloud Console, APIs & Services, Credentials page with OAuth client ID highlighted on the Create credential drop-down menu
The Create Oauth client ID page displays.
  1. Application type: Select Web application.
  2. Name: Enter a name for your OAuth 2.0 client. Platform client is used in the example below.
  3. Click Add URI in the Authorized redirect URIs section.
  4. Enter the Redirect URI
    1. You can find the Redrect URI on the Configure authentication page in your learning platform.
  5. Click Create.
Google Cloud Console, Google Auth Platform, Clients, Create OAuth client ID page with the Authorized redirect URIs field highlighted
The OAuth client created pop-up displays.
  1. Copy the Client ID and Client secret, as both will be needed when setting up the integration in your learning platform.
Google Cloud Console, Google Auth Platform, Clients, OAuth client created pop-up with a Client ID and Client secret

Next, you will update your Data access scopes. 
  1. Click Credentials on the left menu.
  2. Click the OAuth 2.0 Client ID you just created (Platform client was the example used in the previous screenshots).
  3. Click Data Access on the left menu.
  4. Click Add or Remove Scopes.
  5. Use the search filter to locate the https://mail.google.com/ scope.
  6. Select the Gmail API checkbox.
  7. Click Update.
Google Cloud Console, Google Auth Platform, Data Access page with the Update selected scope window displayed and the Gmail API selected and highlighted

Now, you will add your integration email.
  1. Click Audience on the left menu.
  2. Click + Add Users in the Test users section.
  3. Add the e-mail account you have been using for the integration.
  4. Click Save.
Google Cloud Console, Google Auth Platform, Audience page with the Add users window displayed and an example email address highlighted

Enable POP in Gmail

To enable POP in Gmail:

  1. Access the Gmail account you are using to set up the integration.
  2. Click the SettingsGmail Settings icon icon in the upper right corner of your Gmail screen.
  3. Click See all settings.
  4. Click the Forwarding and POP/IMAP tab.
  5. You can select either Enable POP for all mail or Enable POP for mail that arrives from now on, depending on your preference.
  6. Click Save Changes.

Configuration Page

Now that you have Gmail client information, you can complete the email configuration.

  1. Return to the Configure authentication screen in your platform. If you closed your browser window, to access the page again:
    1. Click Admin from the primary navigation menu.
    2. Click Email from the fly-out menu.
    3. Click the Configure tab.
    4. Click Edit.
  2. Click the Configure OAuth 2.0 for POP3 button in the Incoming emails section.
The Configure authentication page displays. Complete the fields using the following information:
  1. Authorization URL: https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent
  2. Token URL: https://oauth2.googleapis.com/token
  3. Scope: https://mail.google.com/
  4. Client ID: Enter the Client ID you saved from the OAuth Client created pop-up in the Google Cloud Console. 
  5. Client secret: Enter the Client secret you saved from the OAuth Client created pop-up in the Google Cloud Console. 
  6. Click Save.
Admin, Email, Configure authentication page with example information

To complete the authentication, you must get an access token. To get the access token:

  1. Click Configure OAuth 2.0 for POP3 in the Incoming Emails section.
  2. Click Get access token.
Admin, Email, Configure authentication page with the Get access token button highlighted

An authentication window from Google will display.
  1. Select the Google account used for the integration.
  2. If prompted, login to the account.
  3. Click Continue to verify that you trust the learning platform and provide access for the platform to read, compose, send, and delete email from Gmail.

Once authentication has been granted, the Configure authentication page refreshes and the access token and expiration date display.

  1. Click Save to save your updates.
Your Gmail account has been authenticated.

Common email errors

Below are common errors you may encounter when integrating your email account with the platform, along with steps to troubleshoot them.

  • "Net:SMTPUnknownError: could not get 3xx (550)": This error will occur when the Google email sending limit was exceeded. To keep the system healthy and accounts safe, Google limits the number of email messages users can send per day and the number of recipients per message. For more details, visit this Google support article. If you need further assistance, please contact Google support.
  • "Net:SMTPAuthenticationError: 454 4.7.0 Too many login attempts, please try again later": This error can occur when Gmail can't handle the high email volume. If you encounter this error, please contact Google support. If you have a very high email volume, you may want to set up an AWS-SES integration.
  • "Timeout::Error":  Connection time-out means that your email server cannot be reached anymore. In this case, please your e-mail provider to check if they have enabled a firewall that blocks connections, or if they made changes that require updating your integration and authentication settings.
  • "POPAuthenticationError: -ERR Login failure: unknown user name or bad password"; "Error: 535 5.7.3 Authentication unsuccessful"; "Incorrect authentication data:Authentication failed": These errors will occur when the credentials used for authentication are incorrect.
    • When using Gmail, Error 535 5.7.3 occurs when you use the configured password. You must, instead, configure Google App Passwords in order to authenticate email.

    • Related Articles

    • Profile settings for administrators

      Overview Every user has a profile page that includes various information such as their basic info, their account details, their friends, photos, social media links, and more. The information that is visible depends on the user's role and the portal's ...

    • Password settings

      Overview For security reasons every user has a User ID (3+ characters) and a Password (5+ characters). Users can log in with their credentials or they can use the available SSO options if enabled. Add password When users sign up and create accounts ...

    • Permissions

      Overview The Permissions feature provides a streamlined way for super administrators to configure and customize permissions by role throughout the platform. This includes the ability to provide or deny access to many site features such as site-wide ...

    • Policies

      Overview There are many policies that you can set for your company, such as the features that learners, instructors, and administrators can access. Setting these policies is one of the most important things for an administrator to do. To see your ...

    • Organizations

      Overview Keep your departments, clients, and partners organized with the Organizations feature. This article will help you enable, create, and design custom organizations. Click here for a walk through of the Organizations feature. Note that if you ...