Sending Messages About Critical Issues to E-mail Addresses
By default, Integration Server does not send notifications of any log entries to an e-mail address. You can configure Integration Server to automatically send notifications to a specified e-mail address each time a critical issue occurs.
To send messages about critical issues to e-mail addresses
1. Open Integration Server Administrator if it is not already open.
2. Go to Settings > Resources.
3. Click Edit Resource Settings.
4. In the SMTP Server field, type the server name or IP address of the SMTP server to use to send the messages.
5. In the Port field, enter the port that Integration Server is to connect to on the specified SMTP server.
6. From the Transport Layer Security list, select the type of SSL encryption that Integration Server uses when communicating with the SMTP server port defined above.
Select | To |
None | Default. Use a non-secure mode when communicating with an SMTP server. |
Explicit | Integration Server uses explicit security when communicating with an SMTP server. |
Implicit | Integration Server uses implicit security when communicating with an SMTP server. |
Note:
Microsoft email provider supports only Explicit Transport Layer Security.
7. From the Truststore Alias list, select the alias for the truststore that contains the list of certificates that Integration Server uses to validate the trust relationship between Integration Server and the SMTP server. If you do not select a truststore alias, the default truststore alias specified in the watt.security.trustStoreAlias property will be used. For more information about this property, see
watt.security.. For more information about truststore alias, see
Creating Truststore Aliases. 8. In the Internal Email field, type the e-mail address to which to send messages about critical log entries. Typically, you would specify the e-mail address for the Integration Server Administrator.
9. In the Service Email field, type the e-mail address to which to send messages about service failures. In a development environment, you might direct these messages to the developer. In a production environment, you might direct these messages to the Integration Server Administrator.
10. By default, Integration Server uses character set UTF-8 for the messages. If you want to use a different character set, identify the character set in the Default E-mail Charset field.
11. In the Username field, type the e-mail address of the account that Integration Server uses to connect to the SMTP server.
12. In the Authentication field, specify the type of authentication that Integration Server should use to connect to the specified e-mail server. Select Basic Authentication or OAuth.
Select
Basic Authentication if you want to authenticate the user on the specified e-mail server with only login credentials (username and password).
Select
OAuth to authenticate the user on the specified e-mail server using the credentials issued by the OAuth server.
Note:
Only the Authorization Code grant type is supported for OAuth.
Note:
To obtain the OAuth credentials for Integration Server, you must first register Integration Server with the OAuth Server. For details about registering an application and obtaining the OAuth credentials, see your authorization server's documentation.
13. In the Password field, type the password associated with the username that identifies you on the SMTP server. This field applies only to Basic Authentication.
14. In the Auth URL field, specify the URL of the email provider or endpoint that Integration Server uses to request authorization code. This field applies only to OAuth.
15. In the Client ID field, specify the unique public identifier that the OAuth server generates for Integration Server during registration. This field applies only to OAuth.
16. In the Client Secret field, specify a unique string that the OAuth server provides to Integration Server. It is known only to Integration Server and the authorization server. This field applies only to OAuth.
17. In the Scope field, specify the mail server access permissions configured for Integration Server during registration. You can specify multiple scopes separated by a space. This field applies only to OAuth.
18. In the Access Token URL field, specify the URL that Integration Server must use to request an access token from the OAuth server. This field applies only to OAuth.
19. In the Redirect URL field, specify the URL that the OAuth server uses to send authentication responses to Integration Server. This field applies only to OAuth.
If you access
Integration Server locally, enter the redirect URL in one of the applicable formats:
http://localhost:{port}/WmRoot/security-oauth-get-authcode.dsp
https://localhost:{port}/WmRoot/security-oauth-get-authcode.dsp
If you access
Integration Server remotely, use https://{ISHostName}:{port}/WmRoot/security-oauth-get-authcode.dsp
20. Click Get Authorization Code to receive a unique string from the OAuth Server that Integration Server requires to request an access token. A new window prompts for user credentials. After a successful login, an authorization code is sent to the redirect URL.
Alternatively, you can obtain the authorization code manually in scenarios that do not allow you to obtain the authorization code through Integration Server Administrator.
To obtain the authorization code manually, send a request through a browser in the format: <URL of an emailprovider>/<TenantID>/oauth2/authorize?response_type=code&prompt=login&redirect_uri=http://host:{port}/WmRoot/securityoauth-get-authcode.dsp&client_id=<clientID>&scope=<scope>
Here, response_type is set to code to inform the OAuth server that Integration Server expects an authorization code as the response at the mentioned redirect_uri.
Note:
Since the code generated is valid only for one-time usage, get the authorization code each time you update the OAuth relevant fields.
21. Access Token Expiry Time field is displayed specifying the time until when an access token issued to Integration Server is valid. This field applies only to OAuth. This is a read-only field displayed based on the access token.
22. Token Refresh Interval field specifies the time interval in minutes at which the cron job is scheduled to fetch a new access token. The access token and the refresh token are issued the first time you save the settings for email notifications. Thereafter, the scheduled cron job refreshes and fetches the access token using the refresh token, ensuring that a valid access token is used to send mails. The default is 15 minutes.
Note:
If the access token expires, the user needs to consent again using login credentials and regenerate the tokens by editing the Email Notification Settings.
23. Click Save Changes to update the server with the new or changed email notification settings. Your changes take effect immediately, and you start receiving emails in case of any errors. In addition, the Access Token Expiry Time is displayed.
Note:
You can also set all the email notification parameters using server configuration parameters during Integration Server startup, instead of using Integration Server Administrator. If the Authentication type is OAuth, Integration Server generates an access token and a refresh token, and creates the cron job at the startup.
When you set email notification configuration in Settings > Extended, a new access token and a refresh token is generated only when there is a authorization code present. A cron job is created if it is not already created during startup.
Note:
When sending a message, by default, Integration Server provides its own address (the From Address) as Integration-Server@localhost, where localhost is the Integration Server host machine, you must provide a valid From Address. Go to Settings > Extended in Integration Server Administrator to set the watt.server.email.from parameter to the From Address you want the messages to use.
Note:
The OAuth based authentication for email notifications is introduced for PIE-79351 in IS_10.7_Core_Fix14.