OAuth requirement for Google & Microsoft SMTP out-going email services
Posted by Sinclair Hughes, Last modified by Sinclair Hughes on 10 June 2022 02:56 PM

Microsoft and Google are changing the connection requirements for third-party applications (like Incisive) to send emails through their SMTP (out-going) email services.  These connections now require a token to be requested and passed back to Incisive application, instead of just requiring your encrypted login & password, for the Microsoft & Google services to allow the email to go through.  It is possible that these security requirements are being enforced in consideration of the current world-wide tensions.

The symptom may appear as an error message with text of 'Bad Credentials' or 'Username and Password not accepted' and your emails can no longer be delivered.

It is possible that you will notice that emailing functions, outside of the Incisive applications, such as 'Scan to Email' from your multi-function device (scanner/printer), are also likely to run into the same problem sending emails.

Previously, Gmail had an option to allow 'less secure' applications to send emails through their SMTP service, however this option has now been disabled.  There is a different security option called 'App Password' which may work for you, but is only available if you have 2FA authentication enabled on your Google account.

We have provided Knowledgebase articles with references to the relevant Google, Microsoft & Apple app-password support information and how to add it to the Incisive application.

As an alternative SMTP email delivery service, you could look to use a third-party SMTP service such as SMTP2Go.com, which we have used for many years and are quite happy with.  Their pricing is very reasonable, with it being free for up to 1000 emails per month or US$10 per month for up to 10,000 emails per month.  If you're not sure how many you send, start with the free plan and they will notify you if you need to move to the next level. 

There are many other SMTP providers such as SendGrid (who we have also used) or others like ClickSend or Mailgun. Your IT technician may also recommend others.

It is possible these SMTP providers will require you to use a private domain address (not @gmail @yahoo @outlook @me etc.).  You can acquire your own domain address and use it just for emails.  A domain name may cost about $30 per year and email services can often be available for about $5-10 per month.  Domain address and hosting services are available from many providers like crazydomains.co.nz   It will be important to ask your IT technicians to configure your domain to use the SPF, Dmarc & DKIM settings, to ensure better reliability of getting your emails to the patient's Inbox.  The Incisive Helpdesk does not provide these services.

If you do use SMTP2Go, or a similar service, your emails will still be delivered using your usual email From: and ReplyTo: email addresses, which you have entered in the Incisive application.