This document provides steps in setting up OAuth 2.0 in Kayako Classic using Google.
⚠️ This is only available from version 4.94.7 onwards.
You can refer to the following article for guidance Upgrading or Downgrading Your Kayako Classic Download Helpdesk
Step 1: Create an Organization
After you login to Google Console, you would be landing at the organization page as seen in the screenshot below. The dropdown option on the top blue bar shows the organization.
Step 2: Create new Project
Click on the organization dropdown and you would be presented with an option to create a new Project, as shown below.
Click on the New Project to create a new project and provide the project name
Step 3: OAuth Consent Screen
On creating a new project, navigate to the project page and click on Go to APIs overview section as shown below.
Once we create a project, we need to configure the project to enable OAuth. Following are the steps to enable the project for OAuth.
The first thing to do is set up the OAuth Consent screen. Click on the OAuth Consent screen menu in the left panel.
You would be presented with a screen as shown below. Based on whether you want external users or not select the option Internal or External and click on CREATE button.
The next step would be to enter some basic information about the app that we created.
App Information
Only mandatory fields are App name, User support email (a dropdown to select from), Developer Contact information (the email address can be the same you selected from the dropdown for support email). You can provide other details as well, like App logo, Application home page url, Application privacy policy url, Application terms of service url but they are all optional.
Also add your Kayako Classic domain (Kayako.com or Helpserve.com) to the Authorized domains before clicking on Save and Continue button.
Scopes
To authorize Kayako Classic to read emails using OAuth, we would need to add scopes to the application. In this step, add/select the following scopes by clicking on ADD OR REMOVE SCOPES button as shown in the screenshot below.
Check the highlighted boxes in the right panel that comes up after clicking the Add or Remove Scopes button.
Scroll down in the right panel and you would see a section for Manually add scopes, add the following URL “https://mail.google.com/” and click on ADD TO TABLE before clicking UPDATE button.
This will ensure you have added all the scopes and the permissions required for the application. Click on SAVE AND CONTINUE button at the bottom.
Test users
Before finishing the app permissions, the last step is to add a Test user. Click on the ADD USERS button to render the right panel. Add the test user that whose email address would be used while configuring the Kayako Classic Email Queue. Finish adding the user and click on ADD button
Summary
You would land on the App registration summary page. Check the details and scroll down to the bottom and click on BACK TO DASHBOARD button.
Step 4: Create Credentials
Click on the Credentials section in the left panel (as seen in the screenshot below) and you would be presented with a screen containing API Keys, OAuth 2.0 Client IDs & Service Account.
Click on the Create Credentials option at the top to create credentials for OAuth Client ID
Select Web application in the Application type dropdown, provide a name to the OAuth client credentials
Also, add the Authorized redirect URIs. Replace your Kayako Classic instance domain in the below URL and copy it in the URIs box and click CREATE
https://<KAYAKO_CLASSIC_DOMAIN>/admin/verifyoauth
Upon creating the Client Credentials, you would see a pop-up showing the Client ID & Client Secret. Copy the values of these parameters as we would need these credentials later while configuring the email queue in Kayako Classic.
Step 5: Setup Support email in Kayako Admin Panel
After completing the Google OAuth setup, you need to configure the settings in your Kayako Classic instance to enable Kayako to read and parse email from your Google email. Follow these steps to configure OAuth in Kayako Classic version 4.94.7 and above.
- Login to your Classic instance as an Admin user and navigate to Admin Panel > Email Parser > Email Queues and click on New as shown in the screenshot below
- You would be presented with a screen as shown below
Enter the values for the properties based on the information provided below
Enter queue address: Your support email
Mailbox type: Select POP3 SSL or IMAP SSL
Mailserver hostname: imap.gmail.com
Port Number: 993
Authentication Type: OAuth
Client Id: Provide the value obtained in Step 4
Client Secret: Provide the value obtained in Step 4
Authorization Endpoint: The value for this parameter is a URL as mentioned below.
https://accounts.google.com/o/oauth2/v2/auth
Token Endpoint: The value for this parameter is a URL as mentioned below.
https://oauth2.googleapis.com/token
Authentication Type: openid email https://mail.google.com/
Ignore recipient addresses and force into queue: Yes
Use the same mailserver to send email: Yes
SMTP connection type: SSL (Depends on the email setup on clients end)
- After entering the values, click on the NEXT button at the top of the page and you should see the following page
Enter the values for the properties based on the information provided below and click INSERT to finish the setup
Department: Select the department in which tickets should be created
Ticket type: Select the Ticket Type for new tickets
Status: Select the default status of a new ticket
Priority: Select the default priority for new tickets