Technical Articles
SAP Cloud Platform Integration (CPI) || Part 6 || Configuring Mail Adapter
Dear Reader,
This blog post is a part of a series of blog posts related to SAP Cloud Platform Integration. The blogs so far are:
- My adventure in learning CPI || Part 1 || All about SAP Cloud
- My adventure in learning CPI || Part 2 || Deployment Models
- My adventure in learning CPI || Part 3 || Cloud Security
- SAP Cloud Platform Integration (CPI) || Part 4 || Know your tool
- SAP Cloud Platform Integration (CPI) || Part 5 || Content Modifier
Up next:
- SAP Cloud Platform Integration (CPI) || Part 7 || Maintaining logs/ using “Groovy Scripts”, even if the IFlow is not on trace mode.
———————————————————————————————————————–
Various adapters (i.e. technical protocols which are used to connect a sender or receiver to the tenant (CPI), are provided by SAP, such as SOAP, OData, Mail, SuccessFactors, HTTPs, Ariba, Facebook, Twitter, ProcessDirect, etc).
In this blog, I shall explain to you about the Mail adapter.
The below is the IFlow, where I have used (a) a Start Timer which means, the message will trigger, the moment the IFlow is deployed, (b) a Content Modifier, just to show how to call the elements in the body of the email.
You can call the Header as, ${header.elementName}, Property as, ${property.elementName}, and Message Body as ${in.body} in the subject/ body of the email.
In my example, I am trying send an email from a Gmail ID.
For the Connection setting refer the screenshot below that needs to be maintained.
1. Address, the address maintained is smtp.gmail.com:587 where, smtp.gmail.com is the address which allows the sender to an email and check the domain of the sender through the email ID provided, and 587 is the port behind the SSL certificate for security. Now, this smtp.gmail.com is applicable only for Google Customers i.e. gmail users.
There are different standard ports used by Google, Microsoft, Yahoo, Rediff, or Godaddy such as 587, 465, 995, 993, and 25.
2. Credential Name, is to be maintained in the Security Material.
In the Operations View, go to Security Material, and add User Credentials.
Enter your ID, and password of your Gmail account, and Deploy.
Please ensure that your ID is unblocked for API mail sending.
3. Under Mail Attribute, mention the your ID which has been unblocked for API mail sending, and the receipient’s email addresses followed by a (,).
In the Subject, and body, mention enter your email context, and as I have stated earlier, you can call the Header, Property, and Message Body of the content modifier.
After you deploy, a message shall be triggered, and you shall get an email like the below:
Click on “Check Activity”, and click on, “Yes, it was me”.
Now, go to Manage Account:
Here, “Turn on” the Less secure app access.
After you are done, making these changes, re-deploy the IFlow, and you shall get an email like the below:
Hi Sookriti,
using gmail server in Mail receiver adapter always work.
Did you try smtp.office365.com.?I am getting below error
I have never tried with office365. I am sure there must be other blogs on this mail server's connectivity.
From the error, it seems more like the email ID which you have used has missing authorizations. As I have mentioned make sure the email id has been unblocked for API mail sending.
Hi Harsha,
I was able to connect to office365 after adding certificates in Keystore.
Regards
Ankita
Hi Ankyy Nadgir - could you please list down steps to integrate with office365 mail server. We have the same requirement and are looking for some guidance. Appreciate your help.
Hi Sookriti,
Please confirm me whether we need to do two step authentication from Gmail and need to provide that in credentials.
Not required. The essentials steps have been mentioned in the blog. The "app access" is required.
The first time, you will trigger the email, you shall get an email stating about "Security Alert", from there on, you just have to allow access.
Hi Sookriti,
i setup the mail adapter as you recommended in the blog.
Unfortunately I receive the following error in the message processing monitor
Do you know why this error occurs?
thanks and regards,
Julian
Julian,
From the Manage Keystore under Monitor view, add a Certificate for Gmail and re-deploy your iFlow. This should probably resolve the certificate issue.
Thanks,
Arun
Hi Arun,
even i got the same error.
can you please guide me from where we need to get/download/generate the gmail certificate?
Warm Regards,
BhanuRajesh K
Hello BhanuRajesh,
Use https://pki.goog/ to download the relevant Certificates.
Thanks,
Arun
Hi Arun,
Which certificate should I download for email, I tried with a few of them on mentioned website, but I still receive the same error.
Thanks,
Priyank
Hello Priyank,
This is just one way of doing it. If this doesn’t work, you may try the other way. See below.
Go to the Connectivity Tests tile and use the SMTP test using your email address. From the resulting response, you may simply download the certificates and have them installed. This is actually the easiest way.
Hope this helps.
Thanks,
Arun
Hello Arun,
Thanks for describing download certs in different way. whenever I am trying in this way i am getting below error :
com.sun.mail.util.MailConnectException: Couldn't connect to host, port: smtps.gmail.com:587, 587; timeout 15000 Cause: java.net.UnknownHostException: smtps.gmail.com:587
can you please let me know how to resolve this error
Hi Julian,
Is this resolved?
If yes, please let us know the way in detail so that it would be useful for the members who may face same issue.
Thanks in Advance.
Warm Regards,
BhanuRajesh
Thanks Sookriti. Appreciate your time taken to help others with your blog.
For Gmail, in addition to the settings for less secure apps, I also had to enable the option to bypass the Captcha verification. Only then, I received an email.
Looking forward to more such articles.
Thanks,
Arun
Hi Sookriti,
I have seen that many guys are following your blogs especially, it describes your way to it.
Your blog(s) on CPI is simple in understanding and worthy.
Looking for more articles on CPI especially on pallets.
Warm Regards,
BhanuRajesh
Hi Sookrti,
Thanks for details steps.
I did steps as mentioned on blog and Tuned on less security on gmail settings , but still getting authentication failed exception.
Could you please assist on steps to fix the issue.
javax.mail.AuthenticationFailedException: 534-5.7.14 <https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=AKgnsbu 534-5.7.14 BiXbFVb3uT5e7yJMdmtQLBE3q3anvbRB0-E-7kHRE_NwvUJw-Jhn28c5Suu0741pv4FT8 534-5.7.14 wo095UeS2-hX4gCc1H6JqCvwaIb_C_Fqgxpu2E4Ro_ZEYOjaHpH0aHDDRqfgvTCQ> 534-5.7.14 Please log in via your web browser and then try again. 534-5.7.14 Learn more at 534 5.7.14 https://support.google.com/mail/answer/78754 a187sm3160962wmh.40 - gsmtp
Thanks,
Ganesh
Hello Ganesh,
I am facing the same issue. Please let me know how did you resolve it?
Just sign out from your gmail in the webbrowser you logged in currently and Login again.
A relogin is required after turning on the access to less secure apps.
go to https://accounts.google.com/DisplayUnlockCaptcha & click continue
Hi Sookrti,
The information that you are providing through blogs are quite simple and easy to follow.
I would like to learn SAP-CPI course would you please suggest me any course that is good.
Thanks and hoping for the reply,
Ramanaidu.Gudi
Hi Sookruthi,
I Configured Mail Adapter.
Connectivity Test
I deployed to Iflow later i got the error message like Not Connecting to Host . Please check the error message and give me the solution.
Could Not Connect to Host
Hi,
After performing all of these steps, I deployed my iflow and getting this error:
Please help with it. In fact I've turn on "less secure apps" in Gmail account settings.
Thanks,
Ravi
Below steps need to be followed to send email from SAP CPI via mail adapter,
2. Make sure Less secure apps is TURNED ON in your gmail account
https://myaccount.google.com/lesssecureapps?pli=1
3. To allow each app to send email, enable the access using the below link
https://accounts.google.com/b/0/DisplayUnlockCaptcha
Thanks
MP
Hi,
It's working fine now.
Now, I've created another dummy Gmail account for this testing purpose and its working smoothly with it. There might be some security aspect which didn't allow me to communicate vie my original Gmail account.
Thanks for the reply.
thanks for providing correct solution.
Even if you install gmail certificate from Connectivity test tile in CPI, 2nd and 3rd steps mentioned by MP above are necessary.
2. Make sure Less secure apps is TURNED ON in your gmail account
https://myaccount.google.com/lesssecureapps?pli=1
3. To allow each app to send email, enable the access using the below link
https://accounts.google.com/b/0/DisplayUnlockCaptcha
Hi Sookriti Mishra and All
Hope you have saw the G Updates that Gmail access for Less Secure Apps will be stopped after Feb 15 2021. Do we have any alternative option of using OAuth2 in the mail adapter rather than username and password.
Gsuite Updates Link : https://gsuiteupdates.googleblog.com/2019/12/less-secure-apps-oauth-google-username-password-incorrect.html
Please share your thoughts on this.
Thanks
Parthiban
Hello Parthiban,
I have a similar kind of requirement that Google has stopped Gmail Access for Less secure Apps which is user name and password.
Now we are moving this Oauth authentication. However Oauth authentication in mail adapter is provided only for Microsoft O365.
Can you please help us how we can we get Oauth Authentication for Gmail.
Thanks in advance.
Thanks sookriti and all,
It did help me a lot.
For me with out certificates it worked
1. Make sure Less secure apps is TURNED ON in your gmail account
https://myaccount.google.com/lesssecureapps?pli=1
2. To allow each app to send email, enable the access using the below link(this step is must for gmail)
https://accounts.google.com/b/0/DisplayUnlockCaptcha
I have tried connecting outlook but getting auth error while running.
Tried using openconnector outlook and it worked .
Not sure what is different in both ….
javax.mail.AuthenticationFailedException: 535 5.7.3 Authentication unsuccessful [BL1PR13CA0424.namprd13.prod.outlook.com]
Thanks,
Dhanish
Hello, I am new to CPI although I had over 10 years of PI experience.
I noticed that ${in.body} retrieves the value of the last content modifier or mapping step. Now if the iflow has multiple content modifier/mapping, is there a way to control the versioning of the ${in.body}? Basically, I want to store the payload in different variables to track the different version instead of getting the latest payload.
Thanks Jonathan.
Hi Sookriti Mishra,
Excellent blog, i have implemented successfully. I felt very happy today and thanks a lot for this sharing information .
i got below message to my mail .
This is test email form CPI..
Note:
This is an auto-generated email latest.
How to send email to different users
I am successfully able to send email from my O365 account using mail adapter. I am currently using same From and TO addresses, means my sender email address and receiver address are same. And i even know how to send it to a group of people by including comma in between the mail IDs. But, i want to send the email to different email addresses/users which i am fetching in a payload. Please help me how can we do it.
Ex - I am getting some 100 user details in payload. And I want to filter 1 candidate out of 100 from UI/SF. Now the mail should go only to that particular user.
Hi Narasaiah,
You mentioned SF, so I am guessing SuccessFactors. So, if you are using a Request-Reply to call Email IDs from SF system, then for sure, you can use filter in Step 3, and specifically call that particular email ID which you need from external system. And this email ID, you can get it saved in a property in Content Modifier, and dynamically you can use the same in To of the Mail Adapter.
If you have a payload which has 100 mail ids already in it, then you need some criteria, on the basis of which you want to select that particular mail id, so, again, you can put your selection criteria in the XPATH in a Property in a
Content Modifier.
Not sure if I understood the question correctly, but let me know if it worked for you, or else, we can check this together.
Thanks 🙂
Sookriti
Thanks for the detailed steps, appreciate your quick support
It is better to use an App password which can be generated in the Gmail security section, instead of using traditional password.
Thanks
Sugata
Hi Sookriti,
wonderful bog!! Really appriciate your time and efforts.
I have a requirement to use the Encrytped Username and password for authentication - kindly guide me if the procedure is same as above or any changes need to be done.
Hi Sookriti,
Thanks for your aricles. This helps me establish my first SMTP Iflow.
For update, the Gmail doesn't support Less secure app access anymore since May 30th 2022.
So if user wants to set up a Gmail SMTP Iflow, it's better to enable Two-way authentication in Google Account, and then set an App Password.
Remember the App password and configure that in CPI "Security Material" whith Gmail account.
And then the Iflow could be established successfully.