OAuth 2.0 is an authorization protocol that allows applications to access your accounts on other services without sharing your password. Instead of giving SuiteCRM your Gmail password to send emails, OAuth lets SuiteCRM request a temporary access token from Google, and Google grants it only after you explicitly approve.
Think of OAuth like a hotel key card. Instead of giving a guest a copy of the master key (your password), the hotel issues a temporary card (token) that opens only specific doors (permissions) and expires after checkout (token expiry).

Google and Microsoft are actively deprecating basic authentication (username + password) for third-party applications. This means connecting SuiteCRM to Gmail, Google Calendar, Outlook, or Microsoft 365 increasingly requires OAuth 2.0 instead of passwords.
OAuth is more secure for four reasons: your password is never stored in SuiteCRM’s database (only tokens are); tokens have limited scope (for example, read email rather than full account access); tokens expire and must be refreshed, which limits the damage if one is compromised; and access can be revoked at any time from Google/Microsoft without changing your password.
In SuiteCRM, OAuth 2.0 applies to Gmail and Google Workspace email (SMTP/IMAP), Google Calendar synchronization, Microsoft 365 / Outlook email, and SuiteCRM’s REST API authentication (external applications connecting to SuiteCRM also use OAuth 2.0).
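An added example (not SuiteCRM's or TechEsperto's code): Gmail and Microsoft 365 accept the access token over SMTP/IMAP through the SASL XOAUTH2 mechanism, so a token string takes the place of the password. The sketch below checks scope and expiry before building that string; the `StoredToken` record, `TokenRejected` and all sample values are assumptions constructed for illustration.

```python
import base64
import time
from dataclasses import dataclass

# Google's OAuth scope for IMAP/SMTP mailbox access.
GMAIL_MAIL_SCOPE = "https://mail.google.com/"


@dataclass
class StoredToken:
    """What a client keeps instead of a password (hypothetical record layout)."""
    user: str
    access_token: str
    scopes: frozenset
    expires_at: float  # Unix time at which the access token stops working


class TokenRejected(Exception):
    """Raised when the stored token must not be sent to the mail server."""


def xoauth2_initial_response(tok, required_scope, now=None, skew=60):
    """Return the base64 string a client sends with 'AUTH XOAUTH2'."""
    now = time.time() if now is None else now
    # Limited scope: a calendar-only token must never be offered for mail.
    if required_scope not in tok.scopes:
        raise TokenRejected("token was not granted scope " + required_scope)
    # Expiry: refuse stale tokens (with clock-skew margin) so the caller refreshes.
    if now >= tok.expires_at - skew:
        raise TokenRejected("access token expired; refresh before connecting")
    # \x01 separates fields, so control characters in inputs would corrupt the frame.
    if any(c in tok.user + tok.access_token for c in "\x01\r\n"):
        raise TokenRejected("control character in user or token")
    raw = "user={}\x01auth=Bearer {}\x01\x01".format(tok.user, tok.access_token)
    return base64.b64encode(raw.encode("utf-8")).decode("ascii")


# Constructed sample data, not a real account or token.
SAMPLE = StoredToken(
    user="crm@example.com",
    access_token="ya29.constructed-sample-token",
    scopes=frozenset({GMAIL_MAIL_SCOPE}),
    expires_at=1_700_003_600.0,
)

if __name__ == "__main__":
    print(xoauth2_initial_response(SAMPLE, GMAIL_MAIL_SCOPE, now=1_700_000_000.0))
```

The output is only base64-encoded, not encrypted, so it should be treated like the token itself and kept out of logs.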
OAuth setup involves multiple systems (SuiteCRM, Google/Azure console, DNS). TechEsperto handles OAuth configuration as part of every SuiteCRM integration project. Contact us for setup help.