You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Configure EmpowerID Email Send Options

EmpowerID offers a variety of email delivery options to cater to different organizational requirements. By default, the platform is set to use Simple Mail Transfer Protocol (SMTP) as the email delivery provider. However, you can choose from alternative options such as SendGrid, Exchange Web Services (EWS), or a combination of SMTP and EWS. You can also prioritize your preferred providers by adjusting their priority settings.

In this topic, we will discuss how to configure EmpowerID to accommodate various email processing scenarios, including:

  • Simple SMTP relay: EmpowerID sends automated emails using a default address for all notifications without requiring authentication. Examples include welcome emails, password reset notifications, and password expiration alerts.

  • Authenticated SMTP Delivery: EmpowerID connects to an SMTP relay server using a domain account for authentication. You can specify security options such as SSL, TLS, and the corresponding port.

  • Exchange Web Services (EWS): EmpowerID communicates with Exchange Web services for email delivery, supporting both on-premise Exchange and Office 365 Web services.

  • SendGrid: EmpowerID utilizes SendGrid to send automated emails. This requires a SendGrid account with an API key and domain authentication setup. Please see SendGrid’s documentation for further information on configuring SendGrid before selecting SendGrid for sending emails in EmpowerID.

  • Email approvals: EmpowerID enables approvers to respond to access requests directly from their email clients, allowing for convenient decision-making away from the web interface.

Please note that when configuring EmpowerID for authenticated SMTP, the mailbox selected for processing emails takes precedence over the SMTP From Address setting. Additionally, if using a non-Exchange mail delivery system that supports SMTP, you must create a tracking-only account store with the necessary credentials and user principal name, and vault the user account password.

 

Configure for Simple SMTP Relay

  1. Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Settings.

  2. Select SMTP from the Email Delivery Mode drop-down.

     

  3. Adjust the form data as needed:

    • BCC Recipient for All Emails – Optional; sends a copy of every email to the specified addresses as BCC.

    • Enable Email Test Mode – If this is selected, all emails will be sent to the specified address and only that address.

    • Test Mode Recipient – This specifies the address emails are to be sent when Enable Email Test Mode is selected.

    • Account with Vaulted Password for Authenticated SMTP – Used with Authenticated SMTP; leave empty for Simple SMTP Relay.

    • Send SMTP Using SSL – This setting enables SSL for email delivery.

    • Send SMTP Using TLS Security – This setting enables TLS for email delivery.

    • SMTP From Address – This setting is used to specify the default From address the system should use when sending automated emails.

    • SMTP Port Number – This specifies the port number used for SMTP delivery.

  4. Save your changes.

Configure for Authenticated SMTP Relay

  1. Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Settings.

  2. Select SMTP from the Email Delivery Mode drop-down.

     

  3. Adjust the form data as needed:

    • BCC Recipient for All Emails – Optional; sends a copy of every email to the specified addresses as BCC.

    • Enable Email Test Mode – If this is selected, all emails will be sent to the specified address and only that address.

    • Test Mode Recipient – This specifies the address emails are to be sent when Enable Email Test Mode is selected.

    • Account with Vaulted Password for Authenticated SMTP – Search for and select the account to be used for authenticating to the SMTP relay server. The account must have a vaulted password that can be sent to the server to authenticate. See step 5 below for the process of vaulting the account password.

    • Send SMTP Using SSL – This setting enables SSL for email delivery.

    • Send SMTP Using TLS Security – This setting enables TLS for email delivery.

    • SMTP From Address – This setting is used to specify the default From address the system should use when sending automated emails.

    • SMTP Port Number – This specifies the port number used for SMTP delivery.

  4. Save your changes.

  5. Next, if the user account to be used by EmpowerID to authenticate to the SMTP server does not have a password that is vaulted in EmpowerID, do the following to vault it:

    1. On the Email Settings page, click the account link for the user account in the Account With Vaulted Password For Authenticated SMTP field.

       

      This directs you to the View One page for the user account.

       

    2. On the View One page, expand the Actions accordion and click Edit Vaulted Account Password.

       

    3. In the Service Account Credentials form that opens, do the following:

      • Click Encryption Certificate and select a certificate for encrypting the password.

      • Enter the password in the Password and Confirm Password fields

      • Click Submit.

         

         

Configure for Office 365 / Exchange EWS

  1. Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Settings.

  2. Select Exchange EWS from the Email Delivery Mode drop-down.

     

  3. Adjust the form data as needed:

    • BCC Recipient for All Emails – Optional; sends a copy of every email to the specified addresses as BCC.

    • Enable Email Test Mode – If this is selected, all emails will be sent to the specified address and only that address.

    • Test Mode Recipient – This specifies the address emails are to be sent when Enable Email Test Mode is selected.

    • Microsoft 365 / Exchange Delivery Settings – Select the user that EmpowerID will use to send email through the web service. Make sure the account you select is an account that has a mailbox on the mail system you are targeting.

    • Microsoft 365 / Exchange Web Service URL – This specifies the URL to the EWS server. If you are using Office 365, the value of the URL should be https://outlook.office365.com/EWS/Exchange.asmx.

  4. Save your changes.

Configure for SendGrid

Prerequisites

In order to use SendGrid as the Email provider, you need to have a SendGrid account with an API key and set up domain authentication in SendGrid to allow SendGrid to send emails originating from EmpowerID. Please see SendGrid’s documentation for further information.

After setting up SendGrid as outlined by their documentation, you can configure SendGrid as the Email provider in EmpowerID by doing the following:

  1. Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Settings.

  2. Enter the following information in the Email Settings form:

    1. Email Delivery Mode – SendGrid

    2. SendGrid API Key – Your SendGrid API key

       

  3. Click Save.

Configure Email Provider Priority

EmpowerID allows you to configure the priority of email providers, determining the sequence in which they are assessed for usage. By assigning a lower numerical value to a particular email provider's priority, you can indicate your preferred method for sending emails within the system.

  1. Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select Email Provider

  2. Click the Edit button beside the provider whose priority you want to change.

     

  3. Adjust the numeric value as needed and click Save.

     

  4. Repeat steps 2 and 3 for each provider you want to edit.

Configure Email Approvals

For EmpowerID to process email approvals, the task or operation being approved or rejected must have the EnableBulkApproval set to true. This is set in Workflow Studio.

If you are using SMTP, follow the procedure outlined in the Authenticated SMTP Delivery section, including vaulting a user account; otherwise, following the procedure outlined in the EWS section. After completing those steps, do the below steps.

  1. Expand Infrastructure Admin > EmpowerID Servers and Settings on the navbar and select EmpowerID System Settings.

  2. Search for EmailApprovalbyEmailEnabled and click the Edit button for the setting.

     

  3. Set the Value to True and click Save.

IN THIS ARTICLE