Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Urgent: Transition to OAuth for IMAP/SMTP/POP Email Functionality in ERPNext/Frappe Due to Google Workspace Changes #26441

Open
vmatt opened this issue May 15, 2024 · 2 comments
Open

Urgent: Transition to OAuth for IMAP/SMTP/POP Email Functionality in ERPNext/Frappe Due to Google Workspace Changes #26441

vmatt opened this issue May 15, 2024 · 2 comments
Labels
feature-request

Comments

@vmatt
Copy link
Contributor

vmatt commented May 15, 2024
edited

Original Google Announcement

As part of its commitment to user safety, Google Workspace has announced the deprecation of the Less Secure Apps (LSAs) sign-in method for third-party apps or devices that rely on shared Google username and password. This change is crucial for enterprises using ERPNext/Frappe with IMAP/SMTP/POP functionality as it will require transitioning to the OAuth authentication method.

Key Points of the Announcement

  1. Timeline for Changes

    • June 15, 2024
      • The LSA settings will be removed from the Google Admin console and can no longer be changed.
      • Enabled users can still connect, but disabled users will lose access.
      • New users will not be able to connect.
    • September 30, 2024
      • Access to LSAs will be completely turned off for all Google Workspace accounts.
      • CalDAV, CardDAV, IMAP, POP, and Google Sync will no longer work with password-based sign-ins, necessitating OAuth.

  2. Impact on ERPNext/Frappe Users

    • Frappe currently supports IMAP and SMTP configurations for email accounts using password-based authentication.
    • These email functionalities will stop working for newly created Google Workspace users after July 15, 2024, and will cease entirely after September 30, 2024.

  3. Consequences for Enterprises

    • Enterprises using ERPNext integrated with their business pipeline for sending and receiving emails will face significant disruptions.
    • Without transitioning to OAuth, businesses may experience a substantial slowdown in operations.

To prevent disruptions

  • Developers must update the Frappe framework to support OAuth for IMAP and SMTP functionalities and ensure these updates are integrated into ERPNext.
  • All ERPNext/Frappe-integrated enterprises must transition their email account configurations to use OAuth for IMAP/SMTP connections.
@ankush
Copy link
Member

ankush commented May 16, 2024

more: https://workspaceupdates.googleblog.com/2023/09/winding-down-google-sync-and-less-secure-apps-support.html

@ankush
Copy link
Member

ankush commented May 23, 2024

Developers must update the Frappe framework to support OAuth for IMAP and SMTP functionalities and ensure these updates are integrated into ERPNext.

This is already present: https://frappeframework.com/docs/user/en/guides/app-development/connected-app

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vmatt @ankush