Skip to content

SMTP Configuration

ℹ️ Minimum Controller Version: v3.1-31

SMTP Configuration for Email Services

It is possible for Cloud Providers to use their own SMTP servers for sending system-generated emails such as user registration confirmations, password resets, and alert notifications. SMTP configurations can be applied using the radm deployment tool or API-based methods.

SMTP Configuration Options

Customers can configure SMTP in either of the following ways:

Global (Controller-Level) SMTP Configuration

Configure SMTP for the entire controller by adding the following environment variables to the event-framework deployment:

- name: FW_EVENT_SMTP_SERVER_ADDR
  value: <SMTP_SERVER_ADDRESS>
- name: FW_EVENT_SMTP_SERVER_PORT
  value: "<SMTP_SERVER_PORT>"
- name: FW_EVENT_SMTP_SERVER_USERNAME
  value: <SMTP_USERNAME>
- name: FW_EVENT_SMTP_SERVER_PASSWORD
  valueFrom:
    secretKeyRef:
      key: <SMTP_PASSWORD_KEY>
      name: <SECRET_NAME>
- name: FW_EVENT_SMTP_SERVER_USE_TLS
  value: "<USE_TLS_TRUE_OR_FALSE>"
- name: FW_EVENT_SMTP_SERVER_USE_INSECURE
  value: "<USE_INSECURE_TRUE_OR_FALSE>"

Note: Without TLS enabled, authentication will not work. Username and password are required for authentication.

Partner-Level SMTP Configuration

Configure SMTP for a specific partner by logging in as a super admin and running the following API request:

curl -X POST 'https://<ops-console-url>/event/v1/email/config' \
  -b 'rsid=<SESSION_ID>' \
  --data-raw '{
    "email_config": {
      "smtp_config": {
        "username": "<SMTP_USERNAME>",
        "password": "<SMTP_PASSWORD>",
        "host": "<SMTP_SERVER_ADDRESS>",
        "port": <SMTP_PORT>,
        "use_tls": <USE_TLS_TRUE_OR_FALSE>,
        "use_insecure": <USE_INSECURE_TRUE_OR_FALSE>,
        "retries": <NUMBER_OF_RETRIES>
      }
    }
  }'

Additional SMTP Management APIs

  • Get SMTP configuration
curl 'https://<console-url>/event/v1/email/config'
-b 'rsid=***
  • Delete SMTP configuration
curl -X DELETE 'https://<console-url>/event/v1/email/config'
-b 'rsid=***'
  • Verify SMTP configuration
curl -X POST 'https://<ops-console-url>/event/v1/email/config/verification' \
  -b 'rsid=<SESSION_ID>' \
  --data-raw '{
    "sender_email": "<SENDER_EMAIL_ADDRESS>",
    "recipient_email": "<RECIPIENT_EMAIL_ADDRESS>",
    "subject": "<EMAIL_SUBJECT>",
    "body": "<EMAIL_BODY>"
  }'

Note: Partner-level configuration overrides the controller-level SMTP settings if both are defined.


Additional Configuration

Set the following environment variable in admin-api and rafay-sentry to enable email sending for events such as account or organization creation:

name: ACCOUNT_CREATION_STRATEGY
value: VERIFY

Viewing Email Activity via Audit Logs

Use audit logs to check whether email events have been processed and sent.

  • Organization-Level SYSTEMAUDIT Logs
curl 'https://<console-url>/event/v1/auditlog?&filter.timefrom=now-1h&filter.offset=0&filter.limit=10&filter.category=SYSTEMAUDIT'
-b 'rsid=***'
  • Partner-Level SYSTEMAUDIT Logs
curl 'https://<ops-console-url>/opsauditlogs/?timefrom=now-7d&category=SYSTEMAUDIT'
-b 'rsid=***'

Audit Logs in OPS Console

To enable querying Elasticsearch for audit logs in the OPS Console, configure the following environment variables in the frontend-opsconsole deployment:

- name: ES_USER_NAME
  value: elastic
- name: ES_PASSWORD
  valueFrom:
    secretKeyRef:
      key: elastic
      name: rafay-es-es-elastic-user
- name: ELASTIC_SEARCH_FQDN
  value: https://rafay-es-es-http:9200

Notes: - Confirm the ElasticSearch URL is correct. Avoid duplicate or incorrect entries. - These changes must be deployed using radm or equivalent deployment automation tools. - These configurations apply only to self-hosted/on-premises controllers.


Summary

Scope Configuration Method Description
Controller Env vars in event-framework Affects all partners and orgs if no partner-level config is set
Partner POST /event/v1/email/config Affects all organizations within the partner
Verification POST /event/v1/email/config/verification Verify SMTP before enabling workflows
Logging SYSTEMAUDIT via API Confirm email dispatch via system audit logs