How to Set Up OAuth 2.0 Login for Mailboxes in Easy8

Introduction

This guide will show you how to set up OAuth 2.0 authentication for mailboxes in Easy8 HelpDesk. Using OAuth 2.0 makes the mailbox connection more secure, especially for Microsoft Exchange and Google Workspace accounts. By following these steps, you’ll securely connect mailboxes without saving passwords directly in the system.

Target Audience

Administrator

Prerequisites

Before starting, ensure you have:

Administrator access to Easy8.
Access to Google Cloud Console or Microsoft Azure Portal.
Permission to create OAuth apps and manage mailbox settings.

How to Set Up OAuth 2.0 Login

Step 1: Create OAuth 2.0 Credentials

For Google Workspace:

Go to the Google Cloud Console.
Create a new project or use an existing one.
Navigate to APIs & Services >> Credentials.
Create new OAuth 2.0 Client ID for a Web Application.
Set the Authorized Redirect URI – this must match the URL provided in your Easy8 mailbox settings.
Save and copy the Client ID and Client Secret.

For Microsoft Exchange (Azure):

Go to the Microsoft Azure Portal.
Navigate to Azure Active Directory >> App Registrations.
Click New Registration.
Fill in application name and set supported account types.
After registration, find and copy the Application (Client) ID and Directory (Tenant) ID.
Under Authentication, add the Redirect URI matching your Easy8 installation.
Under Certificates & secrets, create a New client secret and copy it.

Tip: Remember to use offline_access as part of your OAuth scopes to allow refresh tokens.

Step 2: Configure OAuth Settings in Easy8

Go to Global menu >> HelpDesk >> All Mailboxes.
Add a new mailbox or edit an existing one.
Select Connect using OAuth 2.0 instead of entering username and password.
Enter the Client ID, Client Secret, and authorization endpoints if required.
Set the Scope including offline_access.
(Optional) Enable the Consent option if needed.

Step 3: Test the OAuth Connection

Click the Test Connection button to verify everything is set correctly.
If the test is successful, the mailbox is ready to use.

Step 4: Important Settings

Connection Timeout: You can set how long Easy8 will wait for mailbox server response. Default is 60 seconds.
Automatic Disable: If repeated connection errors happen, the mailbox will be automatically disabled for security. Admin must manually re-enable after fixing the error.
Access Token Expiration: OAuth tokens have a limited lifespan (maximum about 6 months). After expiration, reconnect the mailbox using OAuth 2.0 flow again.

Troubleshooting

Issue	Solution
Error: User authenticated but not connected	Ensure the user has full permission to the mailbox. Either be the mailbox owner or have assigned Full Access rights.
Error: Microsoft HelpDesk connects but stops later	Check if offline_access was included in the OAuth scope. Without it, refresh tokens won't work.
Error: Mailbox created as POP3 not IMAP	OAuth works only for IMAP connections. Make sure the account is IMAP in both Azure and Easy8.
OAuth token expired	Reconnect the mailbox using OAuth 2.0 flow again.

Use Case: Many Mailboxes, One Super HelpDesk User

If you have many HelpDesk mailboxes, you can assign access rights to one user (a Super User) in Microsoft Exchange:

Go to Microsoft 365 Admin Center >> Admin centers >> Exchange.
In Exchange Admin Center, go to Recipients >> Mailboxes.
Select a mailbox, click Delegation.
Under Read and Manage (Full Access), add the Super HelpDesk User.
Repeat for all HelpDesk mailboxes.

In Easy8, connect using the Super User's OAuth credentials.

Conclusion

You have successfully set up OAuth 2.0 login for mailboxes in Easy8. This method is safer, supports modern security policies, and avoids direct password storage.