送信リンクを設定する
When you configure an outgoing link to an external application, Crowd requests data from this application, which means that it acts as the OAuth client. This type of link is primarily used in Crowd to create the OAuth 2.0 integration for popular mail servers.
OAuth 2.0 for SMTP outgoing mail servers is supported in Crowd 6.1 and above.
On this page:
使用するべきタイミング
We’ve created an outgoing OAuth 2.0 integration primarily because Google and Microsoft announced deprecating basic authentication. This means you wouldn’t be able to use these providers (Gmail, Microsoft Exchange Online) if you were authenticating using basic auth. To fix this, you need to configure the OAuth 2.0 integration with these providers, and then update the configuration of your mail servers.
You don’t need to take any actions if you’re using IMAP or POP3, these will continue to work.
はじめる前に
以下を確認する必要があります。
Your server needs to run over HTTPS. If it doesn’t, you will not be able to configure OAuth 2.0.
Your base URL needs to be configured correctly. This is important as the redirect URL you’ll need to provide is based on Crowd’s base URL.
アプリケーション リンクによって送信リンクを作成する
送信リンクを作成するには、次の手順に従います。
Crowd Administration Console にログインします。
In the top navigation bar, go to Settings, then Application Links.
[リンクを作成] を選択します。
In a new dialog that opens, select External application, and then choose Outgoing as the direction.
次のセクションの説明に従って詳細を入力します。
Configure you outgoing link
リンクを設定するには、次の手順に従います。
1. Choose a service provider.
設定するプロバイダーを次の中から 1 つ選択します。Google または Microsoft を選択すると、メール サーバーの OAuth 2.0 統合を作成できます。この場合、一部のフィールドは事前入力されます。
Google
Microsoft
カスタム (内部ツールまたは他のプロバイダー)
2.Copy the Redirect URL and register it in your external application.
If you've chosen authorization code as the grant type, copy the Redirect URL and register it in your external application to obtain the client ID and client secret required to complete the configuration.
If you’re using Google or Microsoft as service providers, you’ll be able to copy the Redirect URL right away. For custom providers, you need to first provide the Authorization endpoint and Token endpoint. For more information on registering the URL with Google or Microsoft, check out the following guides:
Different providers might have different requirements related to the redirect URL. For example, Google doesn't allow it to be a private IP address. Make sure you provide an external URL (for example, of a load balancer for Crowd Data Center).
3. Provide remaining details
残りの情報を入力します。ここでは、次のすべてのフィールドについて説明します。
名前 | 説明 |
|---|---|
クライアント ID | The client ID that's generated by the external application after registering Crowd’s Redirect URL. This is the public identifier of the application. |
クライアント シークレット | The client secret that's generated by the external application after registering Crowd’s Redirect URL. This is the shared secret between Crowd and the application, which ensures the authorization is secure. |
スコープ | The required OAuth 2.0 scopes (permissions) that control what Crowd can do in the external application. You need to specify different scopes for email servers. For Google, we recommend this scope: Microsoft の場合は、使用するプロトコルに応じて、常に
For more information about scopes available in Google and Microsoft, see the detailed information at the Microsoft & Google sites. |
認可エンドポイント (認可コードのみ) | The HTTPS URL where authorization to use OAuth 2.0 is started. |
トークン エンドポイント | The HTTPS URL where refresh token requests are sent. As OAuth 2.0 tokens have an expiry, Crowd will periodically update the token. |
Redirect URL (authorization code only) | The Redirect URL that must be registered in the external application to obtain its client ID and client secret. This redirects the authentication flow back to Crowd. |
4. Provide remaining details
After you save the link, it will appear on the list together with other application links. You'll now be able to select this link when configuring mail servers.
次のステップ
Jira に組み込まれている以下の機能でリンクを使用できます。
関連トピック
- Using the Application Browser
- アプリケーションの追加
- Configuring the Google Apps Connector
- Mapping a Directory to an Application
- Effective memberships with multiple directories
- Specifying an Application's Address or Hostname
- Testing a User's Login to an Application
- Enforcing Lower-Case Usernames and Groups for an Application
- Managing an Application's Session
- Deleting or Deactivating an Application
- Configuring Options for an Application
- 送信リンクを設定する
- Allowing applications to create user tokens
- Configuring how users log in