This guide relates to the set up of OAuth 2.0 authentication for the inbox used by RSM InTime to process timesheet approval emails (under System Administration > Email Server Settings). The administrator of your email account should be able to complete the set up of OAuth 2.0 credentials and scopes/permissions. Should you have any queries or issues when completing the email account set up, please contact the relevant provider support as the RSM InTime support team will be unable to assist due to access and visibility restrictions.
Important note:- Log in to RSM InTime in an incognito window then do the OAuth Email-Client login step from there. This is often needed to avoid signing in accidently with their own account rather than that of the mailbox they wish to grant access to.
...
You will need to register RSM InTime as an app with the identity platform in Azure Active Directory (Azure AD). Please refer to Microsoft's page on how to register an application which provides more detail on the process below.
...
Click "Certificates and secrets" on the left, click "New client secret", enter the descriptive name for this secret and set it to expire in an appropriate period. Click "Add". Note, when the secret expires, you'll have to create a new one and update the RSM InTime configuration.
Make a note of the Value. This will not be displayed again.
...
Click "API permissions" on the left. Click "Add a permission" and add the permissions noted below. They will likely be found in "Delegated Permissions" in the Graph API.
Log in to RSM InTime in an incognito window, go to Settings → Email Server Settings and enter the details shown below, replacing the email address/username with the email address/username of the mailbox you would like RSM InTime to monitor. Click Save, followed by OAuth 2.0 Settings.
...
You will be redirected to Microsoft to authenticate and consent, then redirected back to RSM InTime, where the status will show as "Authorised". Now return to Settings → Email Server Settings and confirm that RSM InTime can access your mailbox.
...
Gmail OAuth 2.0 Authentication Guide
...
Gmail Email Account Set Up
- Set up a GMail Gmail account or use an existing account. This account needs to be the account you intend to use for RSM InTime's email approval feature.
- Login to the Google API Console (here)
- Navigate to the Cloud Resource Centre (here)
- Create a new project
- Project Name: InTime
- Location: Select the relevant organization
...
Make a note of the Client ID and Client Secret in the top right of the screen.
RSM InTime OAuth 2.0 Integration Set Up
Once OAuth credentials and scopes have been enabled on your email account, you need to configure the integration within RSM InTime.
- In RSM InTime, go to System Administration > System > Email Server Settings
- From the Authentication Method dropdown, select 'OAuth 2.0'
- Click on 'OAuth 2.0 Settings', this will direct you to the OAuth Integrations screen
- Click on New and click Create next to 'Email-Client'
...
Click Save and then Back
Click Log In
Log into GMailGmail/Outlook using the email account credentials, allow permission for the app to access the inbox.
Finally within RSM InTime, go to System Administration > System > Email Server Settings
- Authentication Method: OAuth 2.0
- Email Server: imap.gmail.com
- Protocol: imap
- Port: 993
- SSL Required: Yes
- Email Address: Email address to be used for Email Approval within RSM InTime
- Username: Re-enter email address from above.
- Password: Enter the password for the email account.
Click Save
Your RSM InTime instance will now be connected to your email server account using OAuth 2.0 authentication.
...