Connect Gmail or Microsoft 365 to Magento (OAuth 2.0)
Guides

How to Connect Gmail or Microsoft 365 to Magento with OAuth 2.0

2 min read 23 views

Gmail/Google Workspace and Microsoft 365 are perfectly good places to send your store's transactional email from — but both are steadily retiring basic passwords and app passwords in favour of OAuth 2.0. Here is how to connect them to Magento the modern, secure way.

Why OAuth 2.0 (XOAUTH2)

With OAuth 2.0 you never store a reusable password in your store. Instead you register an app with Google or Microsoft, grant it permission to send mail for the mailbox once, and receive a long-lived refresh token. The store exchanges that token for short-lived access tokens automatically, so there is no password to leak.

What you will need

  • A Google Cloud or Azure app registration for your mailbox.
  • The client ID and client secret from that app.
  • A refresh token for the sending mailbox (offline access).
  • For Microsoft, your tenant ID (or "common").

Keeping it secure

Store the client secret and refresh token encrypted, never in plain text, and use a dedicated mailbox for sending rather than a personal account. Confirm everything works with a test email before you switch live traffic over.

How AgenticEcom helps: SMTP supports OAuth 2.0 (XOAUTH2) for both Gmail/Workspace and Microsoft 365: you supply the client ID, secret and refresh token, and the module exchanges the token for short-lived access tokens automatically. All secrets are stored encrypted. SMTP for Magento 2 →

FAQs

Do I still need an app password?

No. With OAuth 2.0 you use a refresh token instead of an app password, which is exactly what Google and Microsoft are moving everyone toward.

Where do I get a refresh token?

From your OAuth app with offline access granted for the sending mailbox; you obtain it once during setup.