By setting up a custom email, Sana notification emails will be sent from your company’s email address instead of from Sana. This helps your notifications look more professional, align with your brand, and be instantly recognizable to recipients.
This article explains how to configure a custom email domain when Microsoft Exchange Online is your email provider.
What are the benefits?
Using your own domain and SMTP server provides several advantages:
Improved brand consistency and recognition
Increased trust and deliverability
Compliance with legal and industry regulations such as GDPR and the CAN-SPAM Act
How to Configure SMTP settings for Microsoft
⚠️ This process is moderately complex and must be completed in real time to avoid any disruption to email notifications. Please coordinate this change with your Engagement Manager.
You must have administrative privileges in your Microsoft Entra portal to complete the steps.
You can follow along with a video walkthrough while going through the steps below:
Step 1: Provide the required details to Sana
Share the following information with your Sana contact:
Microsoft 365 Tenant ID
Email address you want to use as the sender
You can find your Tenant ID in the Microsoft Entra Portal under:
Identity > Overview
Once these details are provided and configured by Sana, an Authorize button will appear in the Sana platform under:
Settings > Notifications
Step 2: Obtain admin consent
Click Authorize
You will be redirected to the Microsoft consent screen for the Sana Entra application, which is used to send emails from Exchange Online
After authorization, you will see an error message that includes a redirect UrI.
Share this redirect UrI with your Sana contact so it can be added to the Microsoft application configuration.
Step 3: Grant access to the Exchange Online mailbox
After admin consent has been granted:
Navigate to the Microsoft Entra Portal
Go to Identity > Applications > Enterprise Applications
Locate the Sana Exchange OAuth application
Application ID: 44de40b6-4ac2-42f1-a9da-f26d811f9e23
Once consent is granted, the Entra application’s service principal must be registered in Exchange Online.
Register the Service Principal in Exchange Online
Install and connect to Exchange Online using PowerShell:
Install-Module -Name ExchangeOnlineManagement -AllowPrerelease
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -Organization
Register the service principal:
New-ServicePrincipal -AppId <APPLICATION_ID> -ObjectId <OBJECT_ID>
The required IDs can be found in the Overview page of the Sana Exchange Oauth app under Enterprise Applications section of the Entra portal.
To list service principals:
Get-ServicePrincipal | fl
Grant the service principal access to a mailbox:
The following example shows how to give your application's service principal access to one mailbox:
Add-MailboxPermission -Identity "[email protected]" -User <SERVICE_PRINCIPAL_ID> -AccessRights FullAccess
Enable SMTP Authentication (if disabled)
If SMTP authentication is disabled in your tenant, enable it for the mailbox:
Set-CASMailbox -Identity [email protected] -SmtpClientAuthenticationDisabled $false
Important Notes on IDs and Permissions
Different IDs are used when:
Creating the Exchange service principal
Granting mailbox permissions
Ensure that you are using the correct ID at each step. You may need the Microsoft Entra PowerShell module to retrieve these values.
Once completed, your Entra application can access the permitted mailbox using OAuth 2.0 client credentials over SMTP, POP, or IMAP.
For more information, see the instructions in Permissions and consent in the Microsoft identity platform.
Final Step: Test the Configuration
After configuration is complete:
Send a test email from the Sana learning platform.
Confirm that the email is received successfully.
Verify that the sender address matches the configured SMTP username.
Appendix: Example Exchange Online Powershell steps
The following Microsoft resources provide additional guidance on installing and using PowerShell for Exchange Online:
Required permissions for CmdLets
If you encounter an error similar to the following:
New-ServicePrincipal: The term 'New-ServicePrincipal' is not recognized as the name of a cmdlet.
This usually indicates missing permissions or required modules. In this case, you can review the following documentation:
If you need assistance at any point, contact your Engagement Manager or Sana Support with details of the step and any error messages.