You may be looking for a way to connect an email account from a provider other than Google or Microsoft, such as Yahoo, iCloud, or a private company server using IMAP/SMTP settings.
At Klipy, we made a deliberate choice to focus exclusively on the official, direct API integrations provided by Google and Microsoft.
This article explains why this decision is central to our commitment to your security, privacy, and the overall quality of the service we provide.
Our Top Priority: Your Account Security
We built our platform on a foundation of security. This means rejecting outdated connection methods that introduce unnecessary risks.
1. The Password Storage Risk with IMAP/SMTP
Connecting via traditional IMAP/SMTP requires an application to ask for, encrypt, and store your actual email account password.
We believe this is an unacceptable risk. Storing user passwords creates a high-value target for attackers, and we have a strict policy against it.
2. The Secure API Alternative (OAuth)
In contrast, Google and Microsoft use a modern, secure standard called OAuth 2.0. When you connect your account to Klipy:
✅ Your password is never shared with us. You enter it directly on the official Google or Microsoft login page.
✅ You grant specific, revocable permissions. Think of it as a temporary valet key, not the master key to your account.
✅ You remain in full control. You can revoke our access at any time directly from your Google or Microsoft account settings.
You can see that the login screens are hosted under Google and Microsoft's official system (accounts.google.com or login.microsoftonline.com).
3. Proof Through Mandatory Audits
This API-first approach isn't just about logins; it holds vendors like us accountable.
Only API connections can be externally audited to verify that your data is handled correctly and securely.
To prove our commitment, Klipy underwent a rigorous third-party security review to gain API access. We are proud to have achieved CASA Tier 2 compliance, a verification that is not required for apps using the older IMAP protocol.
You may read more about CASA Security Standards here.
Beyond Security: The Functional Advantage of APIs
APIs don't just offer better security; they are essential for enabling Klipy to be a truly effective AI assistant.
A Complete Picture of Your Workspace
Official APIs from Google and Microsoft give Klipy secure access to the full context of your work - emails, calendar events, and contacts. This is what allows Klipy to prepare you for meetings, identify action items, and understand key relationships.
The IMAP Limitation
In contrast, the older IMAP protocol was designed almost exclusively for email. Using it would mean Klipy would be blind to your calendar and contacts, resulting in a broken and incomplete experience. We are not willing to offer a degraded service.
Our Commitment to You
Our decision to exclusively support Google Workspace and Microsoft 365 is a direct commitment to providing the most secure, reliable, and functional service possible.
We believe that compromising on security and quality by using outdated methods is not the right path forward for our users.
If you use Google Workspace or Microsoft 365, we invite you to connect your account by following our secure guides.
Navigation: