Identity Cloud

Email provider

Overview

Identity Cloud uses email provider configuration to support email-dependent end-user journeys. For example, registration and password reset end-user journeys usually include an email component.

By default, Identity Cloud configures the email provider with default values to connect to a built-in SMTP server. This lets you quickly create and test email-dependent journeys in your tenant development environment using the ready-to-use email templates.

In your staging and production tenant environments, you must configure the email provider with values to connect to your own external SMTP server.

The email provider is configured at the tenant level. This means that configuration changes made in one realm are applied to both realms.

Setup process

  1. Customize an email template.

  2. In your tenant development environment, create and test a journey that uses an email node. By default, the email provider uses the built-in SMTP server to test the email node.

  3. When you’re satisfied with your test results:

    1. Configure the email provider to use your own external SMTP server.

    2. Verify that your email templates work with the external SMTP server.

  4. Promote your configuration changes to your tenant staging environment.

  5. (Optional) You can revert the email provider to use the built-in SMTP server for testing purposes. However, be sure to reconfigure the email provider to use your own external SMTP server before promoting configuration changes to your tenant staging environment.

Do not use the email provider with the built-in SMTP server in a tenant production environment. Identity Cloud provides this ready-to-use server for testing purposes only.

Configure the email provider to use an external SMTP server

The email provider is configured at the tenant level. This means that configuration changes made in one realm are applied to both realms.

When you’re ready to go to production, complete these steps to configure the email provider to use your own external SMTP server:

  1. In the Identity Cloud admin UI, go to Email > Provider.

  2. On the Email Provider page, enable the Use my own email provider switch.

  3. Enter the following details:

    From

    Email address of the organization or individual sending the email.

    Example: mycompany@example.com.

    Not set by default, but required.

    Host

    Host name or IP address of your SMTP server.

    When no host name is specified, Identity Cloud uses the built-in SMTP server.

    Port

    Port number of your SMTP server.

    Many SMTP servers require the use of a secure port such as 465 or 587. Many ISPs flag email from port 25 as spam.

    Default value is 587.

    Username

    Username for your SMTP server account.

    Password

    Password for your SMTP server account.

    Advanced settings

    Socket Connection Timeout (ms)

    Elapsed time before the Identity Cloud server times out due to an unsuccessful socket connection. A setting of 0 disables this timeout.

    Default is 300000 ms (5 minutes).

    Socket Write Timeout (ms)

    Elapsed time before the Identity Cloud server times out because the client can’t write to the SMTP server. A setting of 0 disables this timeout.

    Default is 300000 ms (5 minutes).

    Socket Timeout (ms)

    Elapsed time before the Identity Cloud server times out due to inactivity. A setting of 0 disables this timeout.

    Default is 300000 ms (5 minutes).

    Use STARTTLS

    • If enabled, and if the SMTP server supports the STARTTLS command, then the Identity Cloud server switches to a TLS-protected connection before issuing any login commands.

    • If the SMTP server does not support STARTTLS, the connection continues without the use of TLS, which leaves the login commands unprotected by TLS.

    Disabled by default.

    Use SSL

    If enabled, the Identity Cloud server uses SSL.

    Disabled by default.

  4. To test your configuration, click Send Test Email.

    1. In the Send Test Email dialog box, enter your own email address.

    2. Click Send.

      If the test is successful, you’ll see a test email in your email inbox.

  5. To save the email provider configuration, click Save.
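
A pre-flight check for the Use STARTTLS fallback described in step 3, added here as an example and not ForgeRock code: it classifies whether the SMTP login would be TLS-protected, given the two switches and the extensions your server advertises. The function names and sample EHLO replies are constructed for illustration, and Use SSL is assumed to mean TLS from the start of the connection.

```python
import smtplib

# Constructed EHLO replies (sample data, not captured from a real server).
EHLO_WITH_STARTTLS = (
    "250-mail.example.com\r\n"
    "250-SIZE 35882577\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME\r\n"
)
EHLO_WITHOUT_STARTTLS = (
    "250-mail.example.com\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 8BITMIME\r\n"
)


def ehlo_extensions(reply: str) -> set:
    """Return the upper-cased extension keywords from a raw EHLO reply."""
    keywords = set()
    for line in reply.splitlines()[1:]:  # first line only names the server
        if line[:3] == "250" and line[3:4] in ("-", " "):
            fields = line[4:].split()
            if fields:
                keywords.add(fields[0].upper())
    return keywords


def login_protection(use_starttls: bool, use_ssl: bool, extensions: set) -> str:
    """Classify how the SMTP login is protected for the two switches."""
    if use_ssl:
        # Assumption: "Use SSL" means TLS from the first byte (implicit TLS).
        return "tls-implicit"
    if use_starttls and "STARTTLS" in extensions:
        return "tls-starttls"
    # Switch off, or server lacks STARTTLS: the session stays unencrypted.
    return "cleartext"


def probe_extensions(host: str, port: int, timeout: float = 10.0) -> set:
    """Live check against your own server: EHLO only, no login, no mail."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        return {name.upper() for name in smtp.esmtp_features}


if __name__ == "__main__":
    for reply in (EHLO_WITH_STARTTLS, EHLO_WITHOUT_STARTTLS):
        print(login_protection(True, False, ehlo_extensions(reply)))
```

Run `probe_extensions` against your own SMTP host and port and pass the result to `login_protection` with the switch values you plan to save; a result of `cleartext` means the username and password would cross the network without TLS.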

Revert the email provider to use the built-in SMTP server

The email provider is configured at the tenant level. This means that configuration changes made in one realm are applied to both realms.

If you need to revert the email provider to use the built-in SMTP server:

  1. Disable the Use my own email provider switch.

  2. Click Save.

The built-in SMTP server does not support OTP Email Sender nodes in password journeys.
Copyright © 2010-2022 ForgeRock, all rights reserved.