Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-72166

As a Jira Administrator I want to configure OAuth 2.0 for Outgoing mail (SMTP)

    XMLWordPrintable

    Details

    • UIS:
      1
    • Feedback Policy:
      We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      Problem Definition

      Outgoing mail (SMTP) does not provide the option to authenticate via the oauth2.0 profile from the system admin UI.
      Note that IMAP support is already implemented - JRASERVER-63917

      Latest update on this matter: the Microsoft announcement in https://docs.microsoft.com/en-us/lifecycle/announcements/exchange-online-basic-auth-deprecated:

      UPDATE February 25, 2021: Microsoft has postponed disabling Basic Auth for protocols in active use by tenants until further notice but will continue to disable Basic Auth for protocols not in use. Overall scope of this change now covers EWS, EAS, POP, IMAP, Remote PowerShell, MAPI, RPC, SMTP AUTH and OAB.
      ..
      Exchange Online is deprecating Basic Authentication for multiple protocols prior to its removal in the second half of 2021. Basic Authentication relies on sending usernames and passwords – often stored on or saved to the device – with every request, increasing risk of attackers capturing users' credentials, particularly if not TLS protected.
      ...
      As part of security defaults, we currently disable Basic Authentication by default for new customers. During 2021, we'll start to disable Basic Authentication for existing customers who have no recorded usage of Basic Authentication in any of the protocols in scope of this announcement. After this change, apps will not be able to use Basic Authentication when connecting to Exchange Online using those protocols.

      and related Basic Authentication and Exchange Online – February 2021 Update

      The first change is that until further notice, we will not be disabling Basic Auth for any protocols that your tenant is using. When we resume this program, we will provide a minimum of twelve months notice before we block the use of Basic Auth on any protocol being used in your tenant.
      ...
      Finally, we are aligning our plans with those for SMTP AUTH. We had previously announced that we would begin to disable SMTP AUTH for newly created tenants (and have already done so), and that we would expand this to disable SMTP AUTH for tenants who do not use it. We are continuing to do that, but we will include SMTP AUTH in all future communications and Message Center posts to make it easier for you to track the overall plan.

      Suggested Solution

      Provide support for OAuth 2.0 Outgoing mail (SMTP)

      Workaround

      None

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              ayakovlev@atlassian.com Andriy Yakovlev [Atlassian]
              Votes:
              16 Vote for this issue
              Watchers:
              12 Start watching this issue

                Dates

                Created:
                Updated: