OAuth2 (XOAUTH2) for Custom SMTP Domains

If your organization uses Microsoft 365 or Google Workspace to send email, you can now authenticate your custom SMTP domain using OAuth2 instead of an app password.

Many organizations have disabled app passwords as a security policy, which previously made it difficult to use a custom sending address. OAuth2 solves this, authentication goes through your provider's standard authorization flow (a quick browser popup), and Journeys handles token refresh automatically in the background.

To set this up, go to Settings → Email domain, add or edit your SMTP domain, and choose OAuth2 as the authentication type.