Hi. I'm trying to set-up the ISM email listener to create incidents from a gmail inbox. It only works if I use Authentication: Plain (Or Authentication: Auto, which seems to negotiate down to Plain) . And, in order to get it to work with Plain, I have to go into the gmail account and enable something Google calls "Less secure app access". I don't want to tell my customer that the Ivanti system requires us to configure the gmail account to use "less secure access". Is there a better alternative?
I'm not finding a combination that works with this enabled either. Google doesn't seem to be very clear as to what the technical details are to be able to meet their security standards. Have you found any solid information on what we'd need? If so we can certainly get an enhancement request going, or see if it might be possible in the current code with some sort of modification to the config or other workaround.
My other thought is that in my experience, most of the security conscious folks using ISM don't think highly of having Google read all their emails and opt for Exchange Web Services method and an exchange server (either in MS cloud or in their own environment).