Add detailed description Microsoft Graph Mailer settings
Currently the documentation for the Microsoft Graph Mailer settings at https://docs.gitlab.com/omnibus/settings/microsoft_graph_mailer/ just describes the settings within Gitlab but misses a mapping of the Microsoft Graph Mailer values to the Gitlab settings.
The required values are spread all over Microsoft Entra Admin Center (MEAC), so lets bring them together. Its also better to reorder the settings in the documentation to sort them logically.
Microsoft Graph Mailer settings
If you would rather send application emails using Microsoft Graph API with OAuth 2.0 client credentials flow, add the following configuration information to /etc/gitlab/gitlab.rb and run gitlab-ctl reconfigure.
Prerequisites:
- To use the Microsoft Graph API to send mails, you must first create an application in the Entra Admin Center, and add the
Mail.Sendapplication permission. - Set the application permissions to App-only access. Make sure the permissions are not set to Delegated.
After registering the application, you need to create a client secret for the application. Take care to save the secret somewhere as it will shown only right after creating.
Now we have all the required values and can add them to the configuration. The following placeholder needs to be substituted in your configuration:
- <YOUR_ACCOUNT_EMAIL>: Your email address (e.g. info@example.com)
- <YOUR_USER_ID>: This is the ID of your user. You will find this UUID at the overview page in Entra Admin Center on a card with your name on it in the "My feed" area.
- <YOUR_CLIENT_ID>: This is the application ID (Client) found at the overview page on the created application
- <YOUR_TENANT_ID>: This is the directory ID (Tenant) found at the overview page on the created application
- <YOUR_CLIENT_SECRET_ID>: This is the created client secret
# Enable the Microsoft Graph Mailer
gitlab_rails['microsoft_graph_mailer_enabled'] = true
# The originating email address for outgoing mail
gitlab_rails['gitlab_email_from'] = '<YOUR_ACCOUNT_EMAIL>'
# The reply-to email address
gitlab_rails['gitlab_email_reply_to'] = '<YOUR_ACCOUNT_EMAIL>'
# The unique identifier for the user.
gitlab_rails['microsoft_graph_mailer_user_id'] = "<YOUR_USER_ID>"
# The application ID that's assigned to your app. You can find this information in the portal where you registered your app.
gitlab_rails['microsoft_graph_mailer_client_id'] = "<YOUR_CLIENT_ID>"
# The directory tenant the application plans to operate against, in GUID or domain-name format.
gitlab_rails['microsoft_graph_mailer_tenant'] = "<YOUR_TENANT_ID>"
# The client secret that you generated for your app in the app registration portal.
gitlab_rails['microsoft_graph_mailer_client_secret'] = "<YOUR_CLIENT_SECRET_ID>"
gitlab_rails['microsoft_graph_mailer_azure_ad_endpoint'] = "https://login.microsoftonline.com"
gitlab_rails['microsoft_graph_mailer_graph_endpoint'] = "https://graph.microsoft.com"