> For the complete documentation index, see [llms.txt](https://doc.dastra.eu/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://doc.dastra.eu/en/features/settings/configuration-du-smtp/integration-of-external-providers-office-365-gmail.md).
# Integration of external providers (Office 365 / Gmail)
## 📌 Objective
By default, all notifications sent by Dastra come from the address . Thanks to integration with your external email providers (Office 365 or Gmail), you can configure sending via your own email addresses, allowing you to:
* Build trust with your recipients (emails sent with your domain).
* Centralize your sending and deliverability logs directly in your email infrastructure.
* Manage your own security, compliance, and archiving rules.
***
## 📩 Scope of emails concerned
This configuration applies to all notification emails sent by Dastra within your organization, for example:
* Notifications of new tasks or requests.
* Invitations and reminders.
* Compliance alerts.
* Tracking requests to exercise rights, incidents, workflows, etc.
👉 In other words, all outgoing emails will replace with the configured address.
> ⚠️ Please note: this applies to all emails sent from the organization. All workspaces will be affected.
***
## ⚙️ Integration configuration
### Step 1: Access the supplier integration and authorize the connection
* Go to Workspace Settings > Integrations.
* Click Add a configuration for Office 365 or Gmail.
You can also access the configuration from this URL:
* Select the provider you want to use :
* **Microsoft 365 (Office 365)**
* **Google (Gmail / Google Workspace)**
* When adding for the first time, Dastra will ask you to authorize the connection :
* A window will open for you to authenticate via OAuth with Microsoft or Google.
* You must use an account with sufficient rights (e.g., an account with administrator privileges or permission to send on behalf of the domain).
* Once authentication is successful, Dastra will confirm the connection and display the sender configuration screen.
⚠️ Please note: this step is essential for Dastra to be authorized to send emails via your provider. Without it, the sender configuration will not be effective.
### Step 2: Fill in the requested information
Two mandatory fields must be filled in:
1. **Sender email**
* The email address that will be used as the sender of notifications (example: `notifications@yourdomaine.com`).
2. **Sender alias**
* The name displayed as the sender (example:`Compliance team - Your company`).
Once completed, click Save and Test to validate the configuration.
### Step 3: Verification and testing
* Dastra will perform a test send to confirm the validity of the configured address.
* Check your inbox and your Office 365/Gmail logs to ensure that the test message has been delivered.
The message will look like this :
***
## ✅ Important points to remember
1. **Responsibility for logs**
* By using your own provider (Office 365 or Gmail), **you are in control of your sending logs.**
* Information related to email delivery, rejection, or blocking is no longer visible to Dastra teams.
2. **IP/domain reputation management**
* Your infrastructure (Office 365 or Gmail) is responsible for ensuring good deliverability.
* Make sure that :
* Your SPF/DKIM/DMARC records are configured correctly.
* Your sender reputation is good.
* Your domain and IP are not listed as spam.
3. **Impact on your recipients**
* Notifications will appear as if they were sent directly by your organization.
* This facilitates recognition and reduces the risk of confusion with generic addresses.
***
## 🔒 Security best practices
* Limit the addresses used for sending (example : `no-reply@yourdomain.com` or `notifications@yourdomain.com`).
* Enable multi-factor authentication on accounts used for integration.
* Regularly monitor your sending logs in Office 365/Gmail to identify any anomalies.
***
👉 Once integration is enabled, Dastra will no longer use : all your notification emails will be sent via your configured provider.
***
## 🔧 Technical FAQ for IT administrators
This section answers common questions from IT and security teams when setting up the Office 365 integration.
#### What authentication model is used?
The Office 365 integration uses **application consent** (global admin consent), not delegated consent on behalf of a user. No active Exchange licence per user is required for the integration to work.
#### What Microsoft Graph scopes are requested?
Dastra requests the following permissions during OAuth consent:
| Permission | Usage |
| ------------------ | ------------------------------------------ |
| `Mail.Send` | Sending emails from the configured mailbox |
| `Mail.Send.Shared` | Sending from a shared mailbox |
#### Are shared mailboxes supported?
Yes. To use a shared mailbox (e.g. `privacy@yourcompany.com`):
1. Sign in with your **personal account** that has send permissions on the shared mailbox.
2. In the **Sender email** field, enter the shared mailbox address.
No Exchange policy change (ApplicationAccessPolicy) is required for this to work.
{% hint style="info" %}
Make sure your personal account has the **"Send As"** or **"Send on Behalf"** permission on the shared mailbox in Active Directory / Exchange.
{% endhint %}
#### Do I need to whitelist Dastra's outbound IP addresses?
Dastra uses **Microsoft Graph API** to send emails, not a traditional SMTP server. Calls go through Microsoft's Azure infrastructure, which has a large number of IP ranges (\~100 ranges) that change over time.
**IP-based filtering is not recommended** for this integration: it would be difficult to maintain and could cause service interruptions when Azure IP ranges are updated. Security is handled by OAuth 2.0 and admin consent.
{% hint style="info" %}
If your security policy requires IP restrictions, you can refer to the IP ranges published by Microsoft for Azure services: . Note that this list is updated regularly.
{% endhint %}
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://doc.dastra.eu/en/features/settings/configuration-du-smtp/integration-of-external-providers-office-365-gmail.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.