Microsoft Graph, Outlook, OAuth2, Resources, Audiences…

Here I’m just relaying bits of knowledge from a great Chilkat customer… “I learned meanwhile that Microsoft doesn’t like mixing “resources”, so if you request something from “Graph” resource and “Outlook” resource, they are incompatible resources, so you have to request different tokens for both, or request resource for only Graph and then refresh token only for “Outlook” resources – […]

Microsoft Azure OAuth2 Redirect URI Notes

Here are some notes regarding OAuth2 Redirect URI’s for Microsoft Azure AD apps. See https://learn.microsoft.com/en-us/azure/active-directory/develop/reply-url A few important points: You can add http://127.0.0.1, and it is preferred over http://localhost because of misconfigured firewalls or hosts file etc.   127.0.0.1 is the loopback address and localhost is just translated into 127.0.0.1. The only pitfall is that you have to add it as […]

How to Create Microsoft Graph App (in Azure Portal) for Client Credentials Authentication

1) Go to https://portal.azure.com/#home and login to your Microsoft account. Then click on Azure Active Directory 2) Click on “App registrations” Copy your Tenant ID, you’ll need it later. 3) Click on “+ New registration” 4) Name Your App and Click Register Give it a name (can be anything) and click Register.  Given that the intended authentication is by client […]

New Security Measures taken by Google concerning “Loopback IP Adresses” or “OAuth out-of-band (oob)”

Question:  I would like to know if Chilkat is affected by the new security measures taken by Google concerning “Loopback IP Adresses” or “OAuth out-of-band (oob)” https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html https://developers.google.com/identity/protocols/oauth2/native-app#redirect-uri_loopback Answer:   Chilkat does not use “oob”, so it’s not an issue. The loopback address, such as “http://localhost:port/”, remains valid if you define your app in the Google Developers Console as a “Desktop […]

SMTP / Office 365 / OAuth2 : SmtpCmdResp: 535 5.7.3 Authentication unsuccessful

Question: A customer wants to send emails with Office 365 and OAuth2 Authentication. The setup of the application in Azure is OK. It works for one user. For another user we have the following error: SmtpCmdResp: 535 5.7.3 Authentication unsuccessful [****.****.prod.outlook.com] For authentication I use the example: https://www.example-code.com/powerbuilder/office365_oauth2_access_token.asp What is surprising is that for the second user on same PC, […]

GMail IMAP OAuth2 – A Walkthrough

This blog post covers from start to finish the process for getting a desktop application working with GMail using the IMAP protocol with OAuth2 authentication. Start here:  https://console.developers.google.com/apis/credentials (1) The first step is to create credentials.  Your app is a desktop application.  HOWEVER, you will be creating credentials as if your app is a web app. See this YouTube video […]

OAuth2 Request Access Token w/ Basic Authentication

Some OAuth2 token endpoints want the Client ID/Client Secret to be included using HTTP Basic Authentication. For example, we can look at the documentation for the GoToMeeting API at https://goto-developer.logmeininc.com/how-get-access-token-and-organizer-key You’ll see this under the “2 – Request Access Token”  in the GoTo API documentation linked above: curl -X POST “https://api.getgo.com/oauth/v2/token” \ -H “Authorization: Basic {Base64 Encoded consumerKey and consumerSecret}” […]