Skip to main content

Overview

If your organisation uses Microsoft 365 (formerly Office 365) — for example yourname@yourcompany.com on Microsoft’s platform — you can connect it to CardClan via 1-click OAuth. Cards will be sent directly from your business Microsoft 365 email address.
This uses Microsoft’s secure OAuth 2.0 flow. CardClan never stores your password — only an encrypted access token.

Prerequisites

Before connecting, make sure:
  • You have a Microsoft 365 business account (e.g. yourname@yourcompany.com)
  • Your Microsoft 365 Admin has allowed OAuth app consent (or has pre-approved CardClan)
  • Pop-ups are allowed in your browser for CardClan
  • SMTP AUTH is enabled for your mailbox (see Admin Configuration below)
Microsoft 365 organisations often restrict third-party app access and disable SMTP AUTH by default. Both may need to be enabled by your admin before connecting.

Step 1: Go to Email Settings

  1. Log in to CardClan
  2. Go to Settings → Email Accounts

Step 2: Connect Your Microsoft 365 Account

  1. Scroll to the One-Click OAuth Connections section
  2. Click Connect Outlook
  3. In the popup, sign in with your Microsoft 365 email (e.g. yourname@yourcompany.com)
  4. Review the requested permissions and click Accept
CardClan requests the https://outlook.office.com/SMTP.Send scope. This is the Microsoft-approved permission for sending emails via SMTP OAuth2. CardClan does not read, delete, or access your inbox.

Step 3: Confirm the Connection

The popup closes automatically and your Microsoft 365 email will appear under Connected OAuth Accounts with a Microsoft badge.

Step 4: Send a Card

All cards you send will automatically use your Microsoft 365 address as the From address — for both instant and scheduled sends.

Microsoft 365 Admin Configuration

1. Enable SMTP AUTH for the mailbox

By default, Microsoft 365 may have SMTP AUTH disabled. Your admin needs to enable it:
  1. Go to Microsoft 365 Admin Center
  2. Navigate to Users → Active users
  3. Select the user whose mailbox you want to connect
  4. Click Mail tab → Manage email apps
  5. Enable Authenticated SMTP
  6. Click Save changes
If your organisation has disabled user consent for third-party apps:
  1. Go to Azure Active Directory Admin Center
  2. Navigate to Enterprise Applications → Consent and permissions
  3. Under User consent settings, allow users to consent to apps, or pre-approve CardClan as an admin
  4. Alternatively, grant tenant-wide admin consent for CardClan’s app registration
Contact your CardClan account manager for the Application (Client) ID needed for admin consent.

Disconnecting

  1. Go to Settings → Email Accounts
  2. Find your Microsoft 365 account under Connected OAuth Accounts
  3. Click Disconnect
Cards will fall back to the default CardClan sending address.

Troubleshooting

Your Microsoft 365 organisation has restricted third-party app consent. Your IT admin needs to either enable user consent or grant admin consent for CardClan. See the Admin Configuration section above.
SMTP AUTH may be disabled for your mailbox. Ask your Microsoft 365 admin to enable Authenticated SMTP for your user account in the Microsoft 365 Admin Center.
Allow pop-ups for CardClan in your browser. In Chrome: address bar → lock icon → Site settings → Pop-ups → Allow.
Disconnect and reconnect to issue a fresh token. If the issue persists, contact support.
Contact us if you need help configuring Microsoft 365 OAuth for your organisation.