Managing Akuiteo's configuration from the Administration console
Configuring the sending of emails
This screen allows you to configure the sending of emails via Akuiteo. Depending on certain actions (features, triggers, etc.), there is a sending emails system integrated in Akuiteo. Akuiteo uses the SMTP (Simple Mail Transfer Protocol) exchange protocol to send emails.
Email properties are set up in the Administration console, from Configuration > Email.
If you want to set up the email sending for both current configuration cases, please refer to:
Enter the following properties and click on Save for each information entered or modified:
| Field | Description |
|---|---|
| Process for sending emails activated |
Check this option to enable the email sending When this option is not checked, no email is send via Akuiteo. |
| SMTP host | Enter the SMTP server's address. |
| SMTP port | Define the SMTP port. |
| SMTP user | Login to connect to the SMTP server, if it is secured. |
| SMTP password | Password to connect to the SMTP server, if secured. |
| Use OAUTH authentication (Exchange 365 only) |
Enable or disable OAUTH authentication to connect to the SMTP server. This option must be enabled if Exchange 365 is used by Akuiteo in your organization. Otherwise, it must be disabled. |
| Use Graph API Library |
Check this box if you use the Microsoft Graph API. For more information about Microsoft graph configuration, refer to Configuration for Microsoft Graph. |
| Tenant ID |
This field must be entered if Use OAUTH authentication (Exchange 365 only) or Use Graph API Library is enabled. Enter the tenant ID provided by Microsoft for the OAUTH authentication or the connection to the Microsoft Graph API. |
| Client ID |
This field must be entered if Use OAUTH authentication (Exchange 365 only) or Use Graph API Library is enabled. Enter the client ID for the OAUTH authentication or the connection to the Microsoft Graph API. |
| Client Secret |
This field must be entered if Use OAUTH authentication (Exchange 365 only) or Use Graph API Library is enabled. Enter the client secret for the OAUTH authentication or the connection to the Microsoft Graph API. |
| Using the STARTTLS command | At the start of the exchange, it allows you to use a STARTTLS command to encrypt the exchange. |
| Mail postmaster |
If the Force postmaster as sender of all emails parameter is checked, specify the email address used as sender of all emails sent. This email address cannot match with another existing email address, for example donotrespond@akuiteo.com. |
| Force postmaster as sender of all emails |
Allows you to set a "postmaster" email address as sender of all emails sent. Important For security reasons, check this option. If the option is not checked, the email address of the connected user is used as sender for each email sent. |
| Maximum time after which the system no longer sends default emails |
If a sending email is in error status, the server tries to send this email during a certain time in seconds, specified in this property. Passed this time, if the sending email is still in error status, the email will not be send. |
| Time interval between sending two email campaign |
Specify the time, in seconds, between two email campaigns Example If the specified interval is 20 seconds, the sending email process will be executed every 20 seconds. |
| Time period (in days) for keeping emails in database |
Allows you to purge the table containing the stocked emails. At each execution of the sending emails process, emails dated of more than X days (X being the value specified in the property) will be deleted. |
| During start, does not send pending emails | Check this option so it will not send the pending emails at the server starting and so avoiding the overload. |
Configuring for Office 365
Accessing the Azure portal
| 1 | In a web browser, enter the following address https://portal.azure.com/ and log in as an administrator. |
| 2 | In the home page, click on Azure Active Directory. |
Registering Akuiteo in the Azure AD's directory
| 1 | Click on App registrations from the left menu, then click on New registration. |
| 2 | Give a Name to this new registration (Akuiteo Exchange 365 for example) and leave the Accounts in this organizational directory only (XXX only - Single tenant) option checked. Click on Register. |
The app page is displayed.
| 3 | Copy the following information: |
- Application ID (customer)
- Directory ID (tenant)
To do so, hover over each field then click on the icon that enables you to copy the information to the clipboard. Keep this information in a separate document.
Creating a "client secret" to identify the Akuiteo server
| 1 | Click on Certificates & secrets from the left menu, then click on New client secret. |
| 2 | Enter a Description ( Secret client Akuiteo for example) then select an Expiration date for the key, depending on your security policy. Click on Add. |
Important
When the expiration date is reached, you must create a new "client secret".
| 3 | Hover over the Value field then click on the button to copy the information to the clipboard. Keep this information in a separate document. |
Important
You must copy these values right after creating the client secret because the information will not be accessible afterward and you must generate a new client secret.
Requesting API permissions
| 1 | From the API permissions menu, click on Add an authorization then on APIs used by my organization. |
| 2 | From the APIs list, search and click on the Office 365 and Exchange Online API, then click on Application authorizations. |
| 3 | From the authorizations list, check the full_access_app authorization then click on the Add authorizations button. |
| 4 | From the Configured permissions page, click on the Grant admin consent for XXX button, then click on Yes to confirm. |
Configuring the Administration console in Akuiteo
In the Administration console from Configuration > Email, fill in the following fields then click on Save for each information specified or modified:
| Field | Description |
|---|---|
| Process for sending emails activated | Check this option to enable the email sending |
| SMTP host | Empty |
| SMTP port | Empty |
| SMTP user | Empty |
| SMTP password | Empty |
| Use OAUTH authentication (Exchange 365 only) | Check this box. |
| Tenant ID | Enter the Directory ID (tenant) value from Azure. |
| Client ID | Enter the Directory ID (customer) value from Azure. |
| Client Secret | Enter the Value of the client secret from Azure. |
| Using the STARTTLS switch | Check this box |
| Mail postmaster |
If the Force postmaster as sender of all emails is checked, fill in the email address used as sender of all emails sent. This email address cannot match with another existing email address, for example donotrespond@akuiteo.com. |
| Force postmaster as sender of all emails |
Check this box if you want to use a "postmaster" email address as sender of all sent emails. Important For security reasons, check this option. If the option is not checked, the email address of the connected user is used as sender for each email sent. |
| Maximum time after which the system no longer sends default emails | Default value |
| Time interval between sending two email campaign | Default value |
| Time period (in days) for keeping emails in database | Default value |
| At the starting, do not send the pending emails | Default value |
Configuration for Microsoft Graph
Accessing the Azure portal
| 1 | In a web browser, enter the following address https://portal.azure.com/ and log in as an administrator. |
| 2 | In the home page, click on Microsoft Entra ID. |
Registering Akuiteo in the Azure AD's directory
| 1 | Click on App registrations from the left menu, then click on New registration. |
| 2 | Give a Name to this new registration (for example Akuiteo Microsoft Graph Mail) and leave the Accounts in this organizational directory only (XXX only - Single tenant) option checked. Click on Register. |
The app page is displayed.
| 3 | Copy the following information: |
- Application ID (customer)
- Directory ID (tenant)
To do so, hover over each field then click on the icon that enables you to copy the information to the clipboard. Keep this information in a separate document.
Creating a "client secret" to identify the Akuiteo server
| 1 | Click on Certificates & secrets from the left menu, then click on New client secret. |
| 2 | Enter a Description ( Secret client Akuiteo for example) then select an Expiration date for the key, depending on your security policy. Click on Add. |
Important
When the expiration date is reached, you must create a new "client secret".
| 3 | Hover over the Value field then click on the button to copy the information to the clipboard. Keep this information in a separate document. |
Important
You must copy these values right after creating the client secret because the information will not be accessible afterward and you must generate a new client secret.
Requesting API permissions
| 1 | From the API permissions menu, click on Add an authorization then on Microsoft Graph API. |
| 2 | Click on Application permissions. |
| 3 | From the authorizations list, check the Mail.ReadWrite and Mail.Send authorization then click on the Add authorizations button. |
| 4 | From the Configured permissions page, click on the Grant admin consent for XXX button, then click on Yes to confirm. |
Configuring the Administration console in Akuiteo
In the Administration console, from
Configuration for Google Workspace
Setting up Google Workspace
| 1 | In a web browser, enter the following address https://admin.google.com to access the Google administration console and login as an administrator. |
| 2 | Create a user account dedicated to the sending of emails if it is not already done: |
- From the Home tab, click on Add a user.
- Enter the account information.
- Click on ADD A NEW USER button.
- Click on COPY NEW PASSWORD to resume the password of the created user.
- Log off the administration console and log in a first time with this new account to the following address https://www.google.fr/.
- Log off again and go back to the administration console.
| 3 | From the Security > Access and data control > Less secured applications menu, check Authorize users to manage their access to the less secured applications, then click on SAVE. |
| 4 | Log off the administration console and log in as the dedicated user to the following address https://www.google.fr. |
| 5 | Access the following address https://www.google.com/settings/security/lesssecureapps and enable the "Authorize applications less secured" parameter. |
Configuring the Administration console in Akuiteo
In the Administration console from Configuration > Email, fill in the following fields then click on Save for each information specified or modified:
| Field | Description |
|---|---|
| Process for sending emails activated | Check this option to enable the email sending |
| SMTP host | Enter: smtp.gmail.com |
| SMTP port | Enter: 587 |
| SMTP user | Enter the email address of the user dedicated to the sending of emails. |
| SMTP password | Enter the password of the dedicated user. |
| Use OAUTH authentication (Exchange 365 only) | Unchecked box. |
| Tenant ID | Empty |
| Client ID | Empty |
| Client Secret | Empty |
| Using the STARTTLS switch | Check this box |
| Mail postmaster |
If the Force postmaster as sender of all emails is checked, fill in the email address used as sender of all emails sent. This email address cannot match with another existing email address, for example donotrespond@akuiteo.com. |
| Force postmaster as sender of all emails |
Check this box if you want to use a "postmaster" email address as sender of all sent emails. Important For security reasons, check this option. If the option is not checked, the email address of the connected user is used as sender for each email sent. |
| Maximum time after which the system no longer sends default emails | Default value |
| Time interval between sending two email campaign | Default value |
| Time period (in days) for keeping emails in database | Default value |
| At the starting, do not send the pending emails | Default value |
Configuring files controls
Akuiteo's users can upload files in the web portals in order to, for example, justify an expense report or give additional information.
| 1 | From the Administration console, go to Configuration > Files control and specify configuration information: |
| Field | Description |
|---|---|
| Maximal size authorized per attachment |
Specify the maximal size, in octet, authorized for attachments. |
| List of authorized extensions when uploading a file (empty = all). List separated by , without the . | Specify the authorized extensions for the upload. |
| List of prohibited extensions when uploading a file (empty = none). List separated by , without the . | Specify the banned extensions for the upload. |
| 2 | For each field specified, click on Save. |
Files controls are configured.
Configuring the CatchMail
The CatchMail must first be configured from the Administration console in order to be used.
Reference
For more information about the CatchMail, refer to Introduction to the CatchMail.
| 1 | From the Administration console, go to Configuration > CatchMail to specify the configuration information: |
| Parameters | Functions |
|---|---|
| CatchMail setup section | |
| Use CatchMail | Must be checked to enable the feature. |
| Akuiteo user |
Specify the CatchMail user name configured in the Desktop Application. Ex: CATCH |
| Akuiteo password | Specify the password of the user. |
| Starting period (20s by default) |
Enter a period to take into account to start the Catch Mail service after the server has been started. In seconds. Ex: 20 |
| Email analysis interval (60s by default) |
Enter the interval between each check for new emails. In seconds. Ex: 60 |
| Use OAUTH authentication (Exchange 365 only) |
Enable or disable OAUTH authentication to connect to Exchange. This option must be enabled if Exchange 365 is used by Akuiteo in your organization. Otherwise, it must be disabled. |
| Use Graph API Library |
Check this box if you use the Microsoft Graph API. For more information about Microsoft graph configuration, refer to Configuration for Microsoft Graph. |
| Tenant ID |
This field must be entered if Use OAUTH authentication (Exchange 365 only) or Use Graph API Library is enabled. Enter the tenant ID provided by Microsoft for the OAUTH authentication or the connection to the Microsoft Graph API. |
| Client ID |
This field must be entered if Use OAUTH authentication (Exchange 365 only) or Use Graph API Library is enabled. Enter the client ID for the OAUTH authentication or the connection to the Microsoft Graph API. |
| Client Secret |
This field must be entered if Use OAUTH authentication (Exchange 365 only) or Use Graph API Library is enabled. Enter the client secret for the OAUTH authentication or the connection to the Microsoft Graph API. |
| Location of the Gmail credential key for Catchmail |
This field must be specified if you use Gmail authentication with a Gmail credential key. Specify the location of the Gmail credential key provided by Google from https://console.cloud.google.com/. Ex: c:/keys/catchmail.json |
| Email account setup section | |
| Setup name |
Name your configuration (optional). Ex: ConfigCatchMail |
| Account email |
Specify the email address of the account used for Catch Mail. Ex: catchmail@akuiteo.com |
| Type of email account |
Select the type of email. Ex: EXCHANGE or POP3 |
| Mail server address |
If EXCHANGE: Specify the Exchange Web Service address. Ex: https://serveraddress/EWS/exchange.asmx If POP3: Specify the POP3 server address. Ex: mail.serveraddress.net |
| Mail server port |
If EXCHANGE: Specify the email server port. Ex: 443 (if secured) If POP3: Enter the POP3 server port. Ex: 110 for POP, 995 for POP SSL |
| Is secured | Check this box if the mail server uses a secure port. |
| User |
Specify the email address of the account used for Catch Mail. Ex: catchmail@akuiteo.com |
| Password | Specify the password linked to this account. |
| Inbox | Specify the directory in which emails from your account will be saved. |
| Test connection to the Catch mail interface using the specified values | Click on the link to check the configuration. |
| 2 | Save then restart the Tomcat server. |
Configuration for Microsoft Graph
Accessing the Azure portal
| 1 | In a web browser, enter the following address https://portal.azure.com/ and log in as an administrator. |
| 2 | In the home page, click on Microsoft Entra ID. |
Registering Akuiteo in the Azure AD's directory
| 1 | Click on App registrations from the left menu, then click on New registration. |
| 2 | Give a Name to this new registration (for example Akuiteo Microsoft Graph CatchMail) and leave the Accounts in this organizational directory only (XXX only - Single tenant) option checked. Click on Register. |
The app page is displayed.
| 3 | Copy the following information: |
- Application ID (customer)
- Directory ID (tenant)
To do so, hover over each field then click on the icon that enables you to copy the information to the clipboard. Keep this information in a separate document.
Creating a "client secret" to identify the Akuiteo server
| 1 | Click on Certificates & secrets from the left menu, then click on New client secret. |
| 2 | Enter a Description ( Secret client Akuiteo for example) then select an Expiration date for the key, depending on your security policy. Click on Add. |
Important
When the expiration date is reached, you must create a new "client secret".
| 3 | Hover over the Value field then click on the button to copy the information to the clipboard. Keep this information in a separate document. |
Important
You must copy these values right after creating the client secret because the information will not be accessible afterward and you must generate a new client secret.
Requesting API permissions
| 1 | From the API permissions menu, click on Add an authorization then on Microsoft Graph API. |
| 2 | Click on Application permissions. |
| 3 | From the authorizations list, check the Mail.Read authorization then click on the Add authorizations button. |
| 4 | From the Configured permissions page, click on the Grant admin consent for XXX button, then click on Yes to confirm. |
Configuring the Administration console in Akuiteo
In the Administration console, from
Configuring webhooks
A webhook is used to notify an external system of an event occurring in Akuiteo. The goal is to exploit data from detected events.
Example
If a system external to Akuiteo is used to manage human resources, a webhook can be set up to notify this external system of the creation or deletion of employees.
In the context of webhooks, an event is composed of two major elements:
- The concerned object (ex: an employee, an expense, etc.);
- The action performed on this object (ex: creation, modification, deletion).
When a webhook is configured to detect a certain event and that event occurs, the webhook sends a request to a web address called an endpoint.
An endpoint is a hypertext link on an external server that is used to receive requests sent by webhooks.
Each request contains data about the event that occurred, or at least the ID of the object associated with the event.
The webhook detects events in all of Akuiteo. For example, it is not possible to configure a webhook that detects an event performed by a particular user.
The webhooks are configured i the Administration console, from Configuration > Webhooks.
Creating a webhook
| 1 | In the Webhooks screen, click on New webhook. |
| 2 | Enter the information in the Properties section: |
| Field | Description |
|---|---|
| Name | Enter a label to name the webhook. |
| Endpoint (URL) |
Enter the link corresponding to the endpoint of the webhook. The endpoint is the hypertext link on the server that receives the requests sent by the webhook. |
| Active |
You can enable or disable the webhook by clicking on the option. the webhook must be enabled in order to work. If it is disabled, it will not work or send any request. A webhook can be enabled anytime from the Webhooks screen. |
| 3 | Enter the information in the Security section: |
| Field | Description |
|---|---|
| Secret |
Enter the secret if the endpoint uses a secret. Important The endpoint must be an HTTPS website for the secret to work. Note The signature is generated with the HMAC-SHA256 cryptographic protocol in Base64. BehaviorWhen a request is sent by the webhook using a secret, it contains a signature as a header. This signature is a unique combination that depends mathematically on the content of the request and the secret used. The external system receiving the request can be programmed to check this signature. In that case, the system will try to regenerate the signature using the content of the request and the secret:
|
| Header name |
Enter the header name if the endpoint uses a security header. The header is a security element that can be used by the endpoint to only accept webhook requests that contain this header and its value entered in the Header value field. |
| Header value |
Specify the value linked to the entered header in the Header name field if the endpoint uses a security header. If the header value entered in the Header value field is different to the one expected by the endpoint, the request might be considered unauthentic and not coming from Akuiteo. |
| 4 | Enter the information in the Event section: |
| Field | Description |
|---|---|
| Event type |
Select the event type from the drop-down list. The event type corresponds to the type of the object to which the webhook must detect a certain action (ex: an employee, an expense, etc.). |
| Event action(s) |
Select the event action from the drop-down list. It is the action for which the webhook must send a request every time it occurs on the relevant object type (ex: creation, modification, deletion). |
| 5 | Click on Create. |
The webhook is created. It must be enabled in order to work.
Modifying a webhook
| 1 | On the webhook line, click on  . |
| 2 | Modify the desired information. |
| 3 | Click on Update. |
The webhook is modified.
Configuring the login properties
Under the Akuiteo's login credentials section, enter the user credentials in order to connect to Akuiteo in the context of webhooks.
| Field | Description |
|---|---|
| Akuiteo user |
Enter the ID of the user that processes the webhooks and click on Save. It is advised to enter a technical user, that is a user for which Technical user? is checked on the Desktop Application then in People > User management. |
| Akuiteo password |
Enter the password of the user that processes the webhooks and click on Save. |
| Timeout (endPoint) | It is used to enter the duration (in ms) from which the webhook stops waiting for a response from the server then click on Save. |
| Maximum number of attempts (1-8) |
Specify the maximum number of attempts in case of failure of the request. A request is considered as failed when the HTTP code of the response obtained starts with a number different from 2. |
| Production retry mode |
This option is used to define the behavior of retries in case of failure of requests. The option is checked by default. When the option is checked, the interval between each retry increases exponentially between each retry. The calculation formula of this time is: Timeout (endPoint) + try number4 This behavior is recommended if you use webhooks in real conditions because it better manages the simultaneous use of many webhooks. When the option is unchecked, the interval between each retry is 3 seconds. This behavior is recommended only if you want to test webhooks in a test environment because it reduces the interval between retries. |
Click on the Test button to test the connection to the Webhook interface using the values specified.
Viewing the webhook requests
The following columns present information about responses to webhook requests.
| Field | Description |
|---|---|
| Latest response |
Displays the HTTP response code of the latest request sent by the webhook. If the code obtained starts with 2, the request has succeeded and the cell is green. If the code obtained starts with 4, the request has failed and the cell is red. If the code obtained is N/A, the request has not been send yet. |
| Successful calls | Displays the number of requests that have successfully reached the endpoint. |
| Total no. of calls | Displays the number of times the webhook has detected an event and has then sent a request to the endpoint. |
| Log |
The The log is a .log extension text file that contains the history of all the requests made by the webhook. You can open it with a text editor. |
icon in this column allows you to download the log file of the webhook.Refreshing a webhook
It is possible to refresh a webhook without having to recharge the whole page on which they are located.
On the line of the webhook, click on 
in the Actions column.
Deleting a webhook
Important
Deleting a webhook cannot be reversed.
On the webhook line, click on 
in the Actions column and confirm the deletion.
Configuring the proxy
A proxy is a server that acts as a gateway between a computer and servers outside the organization.
If your organization has set up a proxy, it is possible to specify it in the Administration console so that Akuiteo uses this proxy to connect to external APIs: Arkhineo, Universign, Chorus, and so on.
The proxy is entered in the Administration console, from Configuration > Proxy configuration.
To enter the proxy:
| 1 | On the PROXY configuration page, enter the following information: |
| Field | Description |
|---|---|
| Proxy URL |
Enter the IP address and the proxy port. Ex: http://10.69.20.73:9999 |
| Proxy UserName | Specify the username in order to connect to the proxy. |
| Proxy Password | Specify the password in order to connect to the proxy. |
| 2 | For each element entered, click on Save. |
The proxy is configured.
Configuring feature flags
A feature flag is used to enable a feature in Akuiteo. Since this feature can have an impact on what is already available, Akuiteo lets this feature available to users only through an enable/disable tool in order to minimize any impact the feature could have on a customer environment and to be able to test it before using it in a production environment. However, a feature flag is not designed to stay and will be made standard as soon as possible.
Feature flags are available and can be enabled from the Administration console > Configuration > Features.
The Features menu shows the list of all the feature flags available for Akuiteo's current revision. Enable the desired feature flag(s) from the Active column, then log in again to access the new features.
When a feature that requires a feature flag is made standard from a revision onwards, this feature becomes available to all users of this revision and the following ones. The feature flag is removed from the list in the Administration console.
Some features conditioned by feature flag will require a specific setup (setup, DMF, and so on). However, for users that have already enabled a feature flag, there will be nothing more to do when it is made standard. Any setup, customization or other actions done for the feature with the feature flag will not have to be done a second time once it is made standard.
