Skip to content
English
Contact us
  • There are no suggestions because the search field is empty.

E-Mail-Integration with Zalion

Zalion enables secure and automated email processing to support workflows such as order confirmations, supplier communication, and structured document extraction. Depending on your email infrastructure, we support multiple integration paths — all with enterprise-grade encryption, access control, and auditing.

Option 1: Microsoft 365 via Graph API

Recommended method for Microsoft 365 customers, offering modern, secure, and fine-grained control via Microsoft Graph API.

Capabilities

  • Read access to inboxes and folders
  • Optional send capabilities
  • Webhook support for real-time email detection

Technical Requirements

  • Admin consent for the Zalion app in Azure AD
  • Mailbox access scopes (Mail.Read, Mail.ReadWrite, etc.)
  • Whitelisting of Zalion IPs for webhook communication

Security

  • OAuth 2.0 with delegated or application-only permissions
  • TLS 1.3 encrypted traffic
  • Role-based mailbox delegation
  • No password access — secure token-based model

Option 2: Google Workspace (Gmail API)

Zalion supports integration with Gmail via Google's official Gmail API, suitable for customers using Google Workspace.

Capabilities

  • Read emails, labels, threads, and attachments
  • Optional send access via Gmail Draft + Send APIs
  • Search and filter capabilities
  • Real-time notification via Gmail Watch/Webhook services

Technical Requirements

  • Google Workspace administrator must authorize Zalion's OAuth app
  • Scopes such as https://www.googleapis.com/auth/gmail.readonly or .modify
  • The Zalion project must be approved in your Google Cloud admin console

Security

  • OAuth 2.0 authentication with Google
  • All requests over TLS 1.3
  • App access can be restricted to individual mailboxes
  • No persistent credentials stored — token-based session model

Recommended for: Organizations using Gmail for supplier communication and structured messaging workflows.

Option 3: IMAP / POP3 / SMTP (Direct Server Access)

A legacy-compatible approach enabling integration with self-hosted or third-party mail servers via standard email protocols.

IMAP or POP3 (Inbound Access)

Capabilities

  • Scheduled inbox polling
  • Read and extract structured content or attachments
  • Configurable polling frequency (e.g., every 10 minutes)

Requirements

  • Server address, port, credentials
  • TLS-enabled mail access
  • Whitelisting of Zalion IP addresses

Security

  • Encrypted transmission over TLS
  • Option to restrict to read-only access
  • Restriction to specific folders or accounts

SMTP (Outbound Mail)

Capabilities

Requirements

  • SMTP credentials and server access
  • TLS required
  • Optional relay configuration to limit outbound addresses

Security

  • STARTTLS or SMTPS encryption
  • Sender domain validation supported
  • SPF/DKIM alignment recommended

Option 4: Microsoft Exchange Web Services (EWS)

For on-premise or hybrid Exchange configurations, Zalion integrates via EWS to securely retrieve and process emails.

Capabilities

  • Structured access to Exchange mailboxes
  • Filtered folder processing
  • Option for impersonation-based access

Requirements

  • EWS endpoint and service credentials
  • NTLM or basic authentication (depending on environment)
  • Firewall whitelisting

Security

  • HTTPS-encrypted (TLS 1.2+)
  • Restricted mailbox access
  • Logging via Exchange audit tools

Email Integration Overview

Method System Type Read Emails Send Emails Authentication Encryption
Microsoft Graph API Microsoft 365 (Cloud) Yes Optional OAuth 2.0 via Azure AD TLS 1.3
Gmail API Google Workspace (Cloud) Yes Optional OAuth 2.0 via Google TLS 1.3
IMAP On-premise or hosted Yes No Username/Password TLS
POP3 On-premise or hosted Yes No Username/Password TLS
SMTP On-premise or hosted No Yes Username/Password TLS
Exchange Web Services Microsoft Exchange Yes Optional NTLM/Basic Auth TLS

Security and Governance

Across all email integration options, Zalion adheres to the following principles:

  • Encryption by default (AES-256 and TLS 1.3, wherever applicable)
  • No password storage — only token-based or service authentication
  • Least privilege access — access restricted to specific mailboxes/folders
  • Auditability — all read/write operations are logged
  • Customer control — you define access scopes, folders, and data retention

During onboarding, we work with your IT and compliance teams to jointly define access permissions, mailbox mappings, and polling or webhook configurations in accordance with your policies.