To Create a System Email Account for Gmail with OAuth 2.0

To mitigate the possibility of access being turned off for less secure apps (LSAs) to Google Suite, MYOB Advanced provides support for Modern Authentication (OAuth 2.0) authentication for IMAP, POP3, and SMTP protocols.

We recommend that customers change their settings to the OAuth2 method if they have configured email processing for Google services by using the username and password authentication method.

By using the System Email Accounts (SM204002) form, you can create an email account for the Google Workspace or Gmail account using OAuth 2.0.

Attention: This topic describes the configuration of a third-party software. Please note the following points:
  • The procedure below is designed for the most common usage scenarios. If you are implementing a more complicated scenario and you encounter difficulties, contact MYOB Advanced Support.
  • The vendor of the third-party software may change the user interface and settings. Therefore, the form elements and setting names you see may differ from the ones described in the procedure.
  • The procedure will be updated each time information is made available about new common scenarios and changes in the user interface and settings.

Step 1: To Register Application with Google

To obtain credentials from Google, do the following:

  1. Open Google Cloud Platform Console and navigate to the Credentials page.
  2. On the Credentials page, click Configure Consent Screen as shown in the following screenshot.
    Figure 1. The Credentials page of Google Cloud Platform Console


  3. On the OAuth consent screen page which opens, do the following:
    1. Choose Internal or External user type depending on your needs
    2. Click Create.
    Figure 2. Selection of user type


  4. On the OAuth consent screen step, do the following:
    1. Enter your app name and support email as shown in the following screenshot.
      Figure 3. App information


    2. Provide other additional information if needed.
    3. Enter developer email address as shown in the following screenshot.
      Figure 4. Developer contact information


    4. Click Save and Continue.
  5. On the Scopes step, click Add or Remove Scopes.
  6. In the Update selected scopes pane, do the following:
    1. Select the following scopes:
      • userinfo.email
      • userinfo.profile
      • openid
    2. Click Update
    Figure 5. Application scopes


  7. Verify that the Your non-sensitive scopes section contains scopes as in the following screenshot.
    Figure 6. Verification of the added scopes


  8. Click Save and Continue.
  9. On the Test users step, add all the users you want authorized to use this app as shown in the following screenshot. Click Save and Continue.
    Figure 7. Addition of authorized users


  10. On the Summary step, review all the information you added in previous steps. Click Back to Dashboard.
  11. On the OAuth consent screen page which opens, click Publish as shown in the following screenshot and confirm the publish.
    Figure 8. Publication of the app


  12. Verify that the Publishing status changed to In production as shown in the following screenshot.
    Figure 9. Publishing status of the app


Step 2: To Obtain OAuth 2.0 Credentials from Google

After you registered the application with Google, you set up OAuth 2.0 credentials:

  1. While you are still have the Google Cloud Platform Console opened, navigate to the Credentials page and click Create Credentials > OAuth client ID as shown on the following screenshot.
    Figure 10. Creation of OAuth client ID


  2. On the Create OAuth client ID page which opens, do the following:
    1. In the Application type box, select Web application.
    2. In the Name box, type in a meaningful application name.
    Figure 11. Application details for OAuth client ID creation


  3. In the Authorized redirect URIs section, click Add URI and type in a redirect URI as shown in the following screenshot. This value can be found on the External Applications (SM301000) form in MYOB Advanced.
    Figure 12. Specification of the redirect URI


  4. Click Create.
  5. On the OAuth client created dialog box which opens, copy the following values which will be used for registering an external application in MYOB Advanced.
    1. Your Client ID
    2. Your Client Secret
    Figure 13. Created credentials for OAuth client


    Tip: You can keep the browser page with the OAuth client created dialog box open and copy the values directly to MYOB Advanced when you will register the application on the External Applications (SM301000) form.

Step 3: To Specify the General Settings of the Email Account

To specify the general settings of the account, do the following in MYOB Advanced:

  1. Open the System Email Accounts (SM204002) form.
  2. On the form toolbar, click Add New Record.
  3. In the Summary area of the form, do the following:
    1. In the Account Name box, type the name of the system email account.
    2. In the Email Address box, type the email address of the account that will be used as the system email account.
    3. Optional: In the Reply Address box, type the email address that will be used for automatic replies.

Step 4: To Specify the Servers

To specify the settings of the servers, do the following:

  1. While you are still on the System Email Accounts (SM204002) form with the account you have created, be sure the Service tab of the form is opened.
  2. In the Incoming Mail Protocol box (Server Information section), select the protocol to be used to connect to the incoming server.
    Note: If you have selected IMAP, every email that has been successfully collected from the server will be marked as read on the server.

    If you have selected the IMAP protocol, in the Root Folder (on Server) box, you need to type the path to the folder that will be used as the root folder for storing emails.

  3. In the Incoming Mail Server box, type imap.gmail.com.
  4. In the Outgoing Mail Server box, type smtp.gmail.com.
  5. On the form toolbar, click Save.

Step 5: To Configure Authentication Through OAuth 2.0

To configure authentication through OAuth 2.0, do the following:

  1. While you are still working with the account on the System Email Accounts (SM204002) form, in the Authentication Method box, select the OAuth2 option.
  2. Click the pencil icon next to the External Application box. The system opens the External Applications (SM301000) form in a new window.
  3. In the External Applications form, click Add New Record.
  4. In the Type box, select the Google SMTP/IMAP/POP3 option.
  5. In the Application Name box, type the name of the application, for example, Gmail Connector.
  6. In the Client ID and Client Secret boxes, insert credentials for the OAuth client you have configured using Google console.
  7. On the External Applications form, click Save and Close on the form toolbar. The system closes the window with the form and specifies the configured application in the External Application box on the System Email Accounts form.

Step 6: To Configure Port Numbers

Finally, you need to specify the advanced settings email account. Do the following:

  1. While you are still working with the account on the System Email Accounts (SM204002) form, configure port numbers in the Server Port Numbers section of the Service tab.
  2. In the Incoming server port (POP3/IMAP) box of the Server Port Numbers section, type the number of the port to be used for incoming mail.
  3. Select the Incoming server requires encrypted connection (SSL) check box.
  4. In the Outgoing server port (SMTP) box, type the number of the port to be used for outgoing mail.
  5. In the Outgoing server encrypted connection box, select the TLS option.
  6. On the form toolbar, click Save, and then click Sign In to test the settings of the email account.