Versions Compared

Old Version 2

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Simon Flückiger

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

EmpowerID offers a variety of email delivery options to cater to different organizational requirements. By default, EmpowerID the platform is configured set to use Simple Mail Transfer Protocol (SMTP) as the provider for email delivery provider. However, SMTP is not the only provider option. You can elect to use SendGrid (requires a SendGrid account with an API key)you can choose from alternative options such as SendGrid, Exchange Web Services (on-premise or Office 365EWS), or both a combination of SMTP and Exchange Web Services ( EWS). If you choose to use more than one provider, you order the precedence by setting the priority for each. The provider with the lowest priority has the higher precedence. By default, SMTP has precedence. You can change this at any time.

You can configure EmpowerID to process emails differently, depending on your scenario. These scenarios include the following:

  • Simple SMTP relay – In this scenario, you specify the SMTP server that EmpowerID uses to send automated emails on behalf of the system and the default from address for all EmpowerID notifications. Examples of these types of emails include welcoming emails sent to new employees, emails sent to users when their passwords are reset by the help desk, pending password expiration notifications, etc.

    • Authenticated SMTP Delivery – In this scenario, you specify an account that EmpowerID should use to connect to the SMTP server. This account must have a password that is vaulted in EmpowerID and becomes the default From address used for any automated emails sent on behalf of the system. When configuring for authenticated SMTP delivery, you have the option to specify whether to use

    . You can also prioritize your preferred providers by adjusting their priority settings.

    In this topic, we will discuss how to configure EmpowerID to accommodate various email processing scenarios, including:

    • Simple SMTP relay: EmpowerID sends automated emails using a default address for all notifications without requiring authentication. Examples include welcome emails, password reset notifications, and password expiration alerts.

    • Authenticated SMTP Delivery: EmpowerID connects to an SMTP relay server using a domain account for authentication. You can specify security options such as SSL, TLS, and the corresponding port used for TLS.

    • Exchange Web Services (EWS) – In this scenario, you specify the account that EmpowerID should use to connect to EWS, as well as the URL to the EWS server. As with configuring EmpowerID for authenticated SMTP delivery, you need to vault the password for the user account.SendGrid – In this scenario, you specify EmpowerID use : EmpowerID communicates with Exchange Web services for email delivery, supporting both on-premise Exchange and Office 365 Web services.

    • SendGrid: EmpowerID utilizes SendGrid to send automated emails on behalf of the system. To use SendGrid, you need to have . This requires a SendGrid account with an API key and set up domain authentication in SendGrid to allow SendGrid to send emails originating from EmpowerIDsetup. Please see SendGrid’s documentation for further information on configuring SendGrid before selecting SendGrid for sending emails in EmpowerID.

    • Email approvals – In this scenario, you configure EmpowerID to give resource owners and other delegated approvers the ability : EmpowerID enables approvers to respond to Access Requests access requests directly from their email clients, apart from interacting directly with the request in the EmpowerID Web interface. This allows users to respond to requests when away from their desks. To do so, they simply reply to the email with "Approved" or "Rejected." EmpowerID reads the response and submits the decision.

    Note

    When

    • allowing for convenient decision-making away from the web interface.

    Please note that when configuring EmpowerID for authenticated SMTP, the mailbox selected for

    reading and

    processing emails takes precedence over

    the setting entered in

    the SMTP From

    Address setting.If you are

    Address setting. Additionally, if using a non-Exchange mail delivery system

    other than Exchange

    that supports SMTP,

    then

    you

    need to

    must create a tracking-only account store

    and add an account

    with the

    appropriate credentials, as well as a

    necessary credentials and user principal name,

    for that system to that account store. You then

    and vault the

    password for that

    user account password.

    Configure for Simple SMTP Relay

    1. On the navbar, expand Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Settings.

    2. Select SMTP from the Email Delivery Mode drop-down.

      Image Removed

      In the SMTP Mail Delivery Settings pane, enter the following information:

      SMTP From Address — This specifies Image Added

    3. Adjust the form data as needed:

      • BCC Recipient for All Emails – Optional; sends a copy of every email to the specified addresses as BCC.

      • Enable Email Test Mode – If this is selected, all emails will be sent to the specified address and only that address.

      • Test Mode Recipient – This specifies the address emails are to be sent when Enable Email Test Mode is selected. The replaced recipients can be seen in the email’s headers.

      • Account with Vaulted Password for Authenticated SMTP – Used with Authenticated SMTP; leave empty for Simple SMTP Relay.

      • Send SMTP Using SSL – This setting enables SSL for email delivery.

      • Send SMTP Using TLS Security – This setting enables TLS for email delivery.

      • SMTP From Address – This setting is used to specify the default From address the system should use when sending automated emails to your user.

      • SMTP Server DNS — Port NumberThis specifies the DNS or IP address of the SMTP server in your environmentport number used for SMTP delivery.

    4. Save your changes.

    Configure for Authenticated SMTP Relay

    1. On the navbar, expand Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Settings.

    2. Select SMTP from the Email Delivery Mode drop-down.

      Image Removed

      In the SMTP Mail Delivery Settings pane, enter the following information:

      Image Added

    3. Adjust the form data as needed:

      • BCC Recipient for All Emails – Optional; sends a copy of every email to the specified addresses as BCC.

      • Enable Email Test Mode – If this is selected, all emails will be sent to the specified address and only that address.

      • Test Mode Recipient – This specifies the address emails are to be sent when Enable Email Test Mode is selected. The replaced recipients can be seen in the email’s headers.

      • Account with Vaulted Password for Authenticated SMTP – Select the user – Search for and select the account to be used by EmpowerID to authenticate for authenticating to the SMTP server and send automated responses on behalf of the system. This relay server. The account must have a vaulted password that is vaulted in EmpowerID. If the account does not have a password that is vaulted, please see How to Vault Account Passwords below and then return to complete the setupcan be sent to the server to authenticate. See step 5 below for the process of vaulting the account password.

      • Send SMTP Using SSL – This setting enables SSL for email delivery.

      • Send SMTP Using TLS Security – This setting enables TLS for email delivery.

      • SMTP From Address – This specifies – This setting is used to specify the default From address the system should use when sending automated emails to your user.

      • SMTP Server DNS – Port NumberThis specifies the DNS or IP address of the SMTP server in your environmentport number used for SMTP delivery.

    4. Save your changes.

    5. Next, if the user account to be used by EmpowerID to authenticate to the SMTP server does not have a password that is vaulted in EmpowerID, do the following to vault it:

      1. Expand Identity Administration on the navbar and click User Accounts to navigate to the Find Account page.

      2. Click the Edit Vaulted Account Password action.

        Image Removed

      3. Search for the desired user account, click the record to select it, and then click Submit.

        Image Removed

        On the Email Settings page, click the account link for the user account in the Account With Vaulted Password For Authenticated SMTP field.

        Image Added

        This directs you to the View One page for the user account.

        Image Added

      4. On the View One page, expand the Actions accordion and click Edit Vaulted Account Password.

        Image Added

      5. In the Service Account Credentials form that opens, do the following:

        • Click Encryption Certificate and select a certificate for encrypting the password.

        • Enter the password in the Password and Confirm Password fields

        • Click Submit.

          Image RemovedImage Added

    Configure for Office 365 / Exchange EWS

    1. On the navbar, expand Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Settings.

    2. Select Exchange EWS from the Email Delivery Mode drop-down.

      Image Removed

      On the Email Settings page, edit the following settings:

    3. Office 365 / Exchange Mailbox for Send and Receive – This specifies the user account EmpowerID uses to authenticate to the EWS server as well as to send automated emails on behalf of the system. This account needs to have its password vaulted in EmpowerID.

      4. Office


      Image Added

    4. Adjust the form data as needed:

      • BCC Recipient for All Emails – Optional; sends a copy of every email to the specified addresses as BCC.

      • Enable Email Test Mode – If this is selected, all emails will be sent to the specified address and only that address.

      • Test Mode Recipient – This specifies the address emails are to be sent when Enable Email Test Mode is selected. The replaced recipients can be seen in the email’s headers.

      • Microsoft 365 / Exchange Delivery Settings – Select the user that EmpowerID will use to send email through the web service. Make sure the account you select is an account that has a mailbox on the mail system you are targeting.

      • Microsoft 365 / Exchange Web Service URL – This specifies the URL to the EWS server. If you are using Office 365, the value of the URL should be https://outlook.office365.com/EWS/Exchange.asmx.

        Image Removed

    5. Click Save.

    6. Next, if the user account to be used by EmpowerID to authenticate to the server does not have a password that is vaulted in EmpowerID, do the following to vault it:

      1. Expand Identity Administration on the navbar and click User Accounts to navigate to the Find Account page.

      2. Click the Edit Vaulted Account Password action.

        Image Removed

      3. Search for the desired user account, click the record to select it, and then click Submit.

        Image Removed

      4. In the Service Account Credentials form that opens, do the following:

        • Click Encryption Certificate and select a certificate for encrypting the password.

        • Enter the password in the Password and Confirm Password fields

        • Click Submit.

          Image Removed

    7. Save your changes.

    Configure for SendGrid

    Info

    Prerequisites

    In order to use SendGrid as the Email provider, you need to have a SendGrid account with an API key and set up domain authentication in SendGrid to allow SendGrid to send emails originating from EmpowerID. Please see SendGrid’s documentation for further information.

    After setting up SendGrid as outlined by their documentation, you can configure SendGrid as the Email provider in EmpowerID by doing the following:

    1. On the navbar, expand Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Settings.

    2. Enter the following information in the Email Settings form:

      1. Email Delivery Mode – SendGrid

      2. SendGrid API Key – Your SendGrid API key

        Image Removed

      Click Save


      1. Image Added

    3. Click Save.

    Configure Email Provider Priority

    EmpowerID allows you to configure the priority of email providers, determining the sequence in which they are assessed for usage. By assigning a lower numerical value to a particular email provider's priority, you can indicate your preferred method for sending emails within the system.

    1. Expand Infrastructure Admin EmpowerID Servers and Settings on the navbar and select Email Provider

    2. Click the Edit button beside the provider whose priority you want to change.

      Image Added

    3. Adjust the numeric value as needed and click Save.

      Image Added

    4. Repeat steps 2 and 3 for each provider you want to edit.

    Configure Email Approvals

    Note

    For EmpowerID to process email approvals, the task or operation being approved or rejected must have the EnableBulkApproval set to true. This is set in Workflow Studio.

    If you are using SMTP, follow the procedure outlined in the Authenticated SMTP Delivery section, including vaulting a user account; otherwise, following the procedure outlined in the EWS section. After completing those steps, do the below steps.

    1. On the navbar, expand Expand Infrastructure Admin EmpowerID Servers and Settings on the navbar and select EmpowerID System Settings.

    2. Search for EmailApprovalbyEmailEnabled and click the Edit (blue star) button for the setting.

      Image RemovedImage Added

    3. Set the Value to True and click Save.

      Image RemovedImage Added

    Insert excerpt
    IL:External Stylesheet
    IL:External Stylesheet
    nopaneltrue

    Div
    stylefloat: left; position: fixed;

    IN THIS ARTICLE

    Table of Contents
    maxLevel4
    minLevel2
    stylenone
    printablefalse