Bitwarden Self Hosted - OAuth2 & SMTP

Hi! I’m working on setting up Bitwarden Self-Hosted at my organization, and we are interested in using Microsoft’s OAuth2 flow to authenticate outbound SMTP email to our Exchange Online tenant. Microsoft has documentation on this but I couldn’t find anything for setting this up within Bitwarden. Is this something that can be done?

Thanks! :slight_smile:

Hi @alfonsojon, thanks for reaching out!

Bitwarden does not support OAuth for email, only SMTP. As far as we know, SMTP AUTH is still available to send messages through Microsoft, but you should research before enabling and configuring for your Bitwarden self-hosted server. From Microsoft: Setup for SMTP AUTH, and setup for the device. This option is usually not turned on by default. As always, the setup for Bitwarden server settings is in our FAQs here.

2 Likes

Thank you! We are currently setting this up using SMTP auth, and this answers my question.

Per their documentation, it appears that they only support SSL for encrypted traffic. I would like to avoid the situation where we are sending unencrypted email. Is it possible for Bitwarden to send email via encrypted TLS on port 587 instead of SSL on port 465?

I found another thread where there seems to be some confusion on this as well here: How to set self-hosted bitwarden to use TLS for mail - Ask the Bitwarden Community - Bitwarden Community Forums

Thank you!

You can set your environment variables to use TLS by disabling SSL:
globalSettings__mail__smtp__ssl=false in global.override.env

You will need to specify the port in either case with globalSettings__mail__smtp__port= , so yes, this is possible. Check out our Help Center documentation on environment variables for some more info. :slightly_smiling_face:
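An added example (not code from this thread or from Bitwarden) that lints the two settings named above in a global.override.env file, pairing ssl=true with port 465 and ssl=false with port 587 as the thread does. The host name and sample file contents are constructed, and the function names are hypothetical.

```python
"""Lint the SMTP transport settings in a Bitwarden global.override.env file."""

PREFIX = "globalSettings__mail__smtp__"

# Constructed sample file contents (not from a real deployment).
SAMPLE_ENV = """\
# mail settings
globalSettings__mail__smtp__host=smtp.example.com
globalSettings__mail__smtp__port=465
globalSettings__mail__smtp__ssl=false
"""


def parse_env(text):
    """Return the SMTP settings as a dict keyed by the part after the prefix."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        if key.strip().startswith(PREFIX):
            settings[key.strip()[len(PREFIX):].lower()] = value.strip()
    return settings


def lint_smtp(text):
    """Return a list of findings; an empty list means ssl and port agree."""
    s = parse_env(text)
    findings = []
    ssl = s.get("ssl", "").lower()
    port = s.get("port", "")
    if ssl not in ("true", "false"):
        findings.append("ssl is not set to true or false")
    if not port.isdigit():
        findings.append("port is not set; it must be given in either case")
    elif ssl == "false" and port == "465":
        findings.append("ssl=false with port 465: 465 expects SSL on connect")
    elif ssl == "true" and port == "587":
        findings.append("ssl=true with port 587: 587 expects TLS via ssl=false")
    elif ssl == "false" and port != "587":
        # Assumption: on other ports, encryption depends on the relay.
        findings.append("ssl=false on port %s: confirm the server upgrades to TLS" % port)
    return findings


if __name__ == "__main__":
    for finding in lint_smtp(SAMPLE_ENV) or ["ok"]:
        print(finding)
```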

Thanks for your response - I ended up running through our local SMTP relay. Something goofy is going on with our public IP & Microsoft not wanting to listen, it seems :laughing:

SMTP relay works great, we will work on getting encrypted traffic direct to Microsoft figured out soon enough.

Thanks again!

Not super relevant to Bitwarden specifically, but I know we have used the SMTP Connector option 3.

Not super sure how Bitwarden handles SMTP without any auth, but it tends to help get on-prem local SMTP into Exchange Online, especially for older devices, printers, etc. that don’t support modern auth.
This does require that you have a static IP range, though you may already have this for your business.

Just another option that might help, also does eat into an expensive O365 license.

Dear all, related to this question: how could I configure an SMTP relay for Bitwarden? I can't get my server to send emails.