CPI – Gmail SMTP Integration
A few days ago, I hit a roadblock when I tried to configure a CPI-Gmail SMTP Integration. After setting up the Gmail credential using my usual Gmail user name and password, and performing a Connectivity Test, I encountered the error message ‘Username and Password not accepted’. I did some research and found that I had to use the App Password approach in order to access the Gmail SMTP from CPI. After completely configured the App Password approach, the Connectivity Test turned out to be successful. I then configured the rest of the Integration Flow starting from SOAP as the sender and ending the event with sending an email to my Yahoo account via my Gmail account.
In this writing, I will briefly share with you the steps taken to configure the CPI-Gmail integration.
Step 1: Setting Up the App Password.
The detailed information on how to setup an App Password can be found at https://support.google.com/accounts/answer/185833. To setup the App Password, login to your Google Account and click the ‘Manage your Google Account’ button. It should be located at the top right corner. At your ‘Google Account’ page, click the ‘Security’ link located on your left. You will see the ‘App Passwords’ link inside the ‘Signing in to Google’ box.
After clicking the ‘App password’ link, you may start creating an App Password. As shown in the figure below, select ‘Other (Custom Name)’ under the ‘Select App’ drop-down and click ‘Generate’.
Enter the name of your choice and in my case, I have entered ‘CPI Mail’, as shown in the below figure. Click ‘Generate’.
You will see your new 16-character App Password in the ‘Generate app password’ page, as shown in the figure below. Copy this password.
Step 2: Setup Credential in CPI.
In your SAP Cloud Platform Integration’s Overview page, click ‘Monitor’, as shown in the figure below. Then, click on the ‘Security Material’ tile.
In the ‘Manage Security Material’ page, select ‘Add’, then ‘User Credentials’, as shown in the figure below.
In the ‘Add User Credentials’ screen, enter a name of your choice. In my case, it was ‘GMAIL_CREDENTIAL’. Enter the Description and select ‘User Credentials’ as Type. Enter your full Gmail account user name at the ‘User:’ textbox.
Lastly, paste the 16-character App Password into the ‘Password:’ and ‘Repeat Password:’ textboxes.
Step 3: Import Google Certificates
This step allows the Gmail SMTP server to authenticate itself against SAP Cloud Platform Integration.
At your SAP Cloud Platform Integration’s Overview page, click ‘Monitor’ and then click the ’Connectivity Tests’ tile, which is located under the ‘Manage Security’ section. In the ‘Test Connectivity’ page, click ‘SMTP’ and enter the details as shown in the figure below. Ensure that the ‘Credential Name’ is the same as what you entered previously in the ‘Manage Security Material’ page. Then, click ‘Send’ and you should see the green successful response. Click the ‘Download’ button to download the certificates into your computer.
Lastly, once in your computer, unzip the certificate file.
Step 4: Install the certificates on CPI
At your SAP Cloud Platform Integration’s Overview page, click ‘Monitor’ and then click the ’Keystore’ tile, which is located under the ‘Manage Security’ section.
In the ‘Manage Keystore’ page, click ‘Add’, then ‘Certificate’, as shown in the figure below.
In the ‘Add Certificate’ page, enter the ‘Alias’ of your choice (in my case, it is ‘Gmail Certs’). Select the certificate from your PC and click ‘Deploy’.
Repeat the addition of the second certificate, as shown in the figure below.
Once done, you will see two additional entries in the ‘Manage Keystore’ listing. In my case, they are ‘gmail certs’ and ‘gmail cert2’, as shown in the figure below.
Step 5: Create and Deploy the Integration Flow
Now, you may design and deploy the iFlow.
Below is my simple iFlow for testing
Below is the configuration in the ‘General’ Tab
And here is the configuration in the ‘Connection’ tab. Please ensure that you enter the same value in the ‘Credential Name:’ textbox, as what you have previously created in ‘Step 2: Setup Credential in CPI.’.
Step 6: Testing the Integration Flow
Finally, you may test the iFlow.
In my case, I used the SOAPUI application to simulate sending a SOAP message to the iFlow.
And here, as shown in the figure below, the email with the SOAP content was successfully sent to my Yahoo account.
In summary, the vital steps to setup a CPI-Gmail SMTP integration involve creating an App Password via the Google account, and setting up credentials in CPI using the App Password. It also involves importing Google certificates and installing the certificates on CPI.
Hope you find this article helpful and if you have any suggestion and comments, please do not hesitate to reply to the Comments section below.
Thank you and have a pleasant time ahead.