OAuth2 in a DataFlex Web Application

Question: I have seen that your lib support OAuth2 for DataFlex-Framework but only for Desktop-Clients.  Is it correct or is there any support for DataFlex-Web-Applications? Answer: The functionality Chilkat provides in desktop applications for the OAuth2 authorization code flow, is to make your desktop application behave as a temporary web server to receive the single local HTTP redirect request from […]

OAuth2 Client Credentials – for when YOUR application is accessing resources in YOUR account (not somebody else’s)

OAuth2 Client Credentials can be used for authentication when you own the application, and you also own the account (such as Office 365, or Google, etc.) that your application will access. In other words, YOUR application is simply accessing resources in YOUR account, and YOU are the application user (or your application is running as a service or background process). […]

office365.com SMTP, POP3, IMAP OAuth2 Tips, Hints, and Solutions

This page will be updated as time progresses with what we’ve learned about getting things working with OAuth2 authentication for office365.com using the email protocols: SMTP, POP3, and IMAP. How do Other Office365 Users Send Email using my App Registered in my Azure Active Directory? It’s important to understand Tenancy in Azure Active Directory Apps.   See this https://learn.microsoft.com/en-us/azure/active-directory/develop/single-and-multi-tenant-apps When you […]

Microsoft Graph, Outlook, OAuth2, Resources, Audiences…

Here I’m just relaying bits of knowledge from a great Chilkat customer… “I learned meanwhile that Microsoft doesn’t like mixing “resources”, so if you request something from “Graph” resource and “Outlook” resource, they are incompatible resources, so you have to request different tokens for both, or request resource for only Graph and then refresh token only for “Outlook” resources – […]

Microsoft Azure OAuth2 Redirect URI Notes

Here are some notes regarding OAuth2 Redirect URI’s for Microsoft Azure AD apps. See https://learn.microsoft.com/en-us/azure/active-directory/develop/reply-url A few important points: You can add http://127.0.0.1, and it is preferred over http://localhost because of misconfigured firewalls or hosts file etc.   127.0.0.1 is the loopback address and localhost is just translated into 127.0.0.1. The only pitfall is that you have to add it as […]

How to Create Microsoft Graph App (in Azure Portal) for Client Credentials Authentication

1) Go to https://portal.azure.com/#home and login to your Microsoft account. Then click on Azure Active Directory 2) Click on “App registrations” Copy your Tenant ID, you’ll need it later. 3) Click on “+ New registration” 4) Name Your App and Click Register Give it a name (can be anything) and click Register.  Given that the intended authentication is by client […]

New Security Measures taken by Google concerning “Loopback IP Adresses” or “OAuth out-of-band (oob)”

Question:  I would like to know if Chilkat is affected by the new security measures taken by Google concerning “Loopback IP Adresses” or “OAuth out-of-band (oob)” https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html https://developers.google.com/identity/protocols/oauth2/native-app#redirect-uri_loopback Answer:   Chilkat does not use “oob”, so it’s not an issue. The loopback address, such as “http://localhost:port/”, remains valid if you define your app in the Google Developers Console as a “Desktop […]

SMTP / Office 365 / OAuth2 : SmtpCmdResp: 535 5.7.3 Authentication unsuccessful

Question: A customer wants to send emails with Office 365 and OAuth2 Authentication. The setup of the application in Azure is OK. It works for one user. For another user we have the following error: SmtpCmdResp: 535 5.7.3 Authentication unsuccessful [****.****.prod.outlook.com] For authentication I use the example: https://www.example-code.com/powerbuilder/office365_oauth2_access_token.asp What is surprising is that for the second user on same PC, […]

GMail IMAP OAuth2 – A Walkthrough

This blog post covers from start to finish the process for getting a desktop application working with GMail using the IMAP protocol with OAuth2 authentication. Start here:  https://console.developers.google.com/apis/credentials (1) The first step is to create credentials.  Your app is a desktop application.  HOWEVER, you will be creating credentials as if your app is a web app. See this YouTube video […]

OAuth2 Request Access Token w/ Basic Authentication

Some OAuth2 token endpoints want the Client ID/Client Secret to be included using HTTP Basic Authentication. For example, we can look at the documentation for the GoToMeeting API at https://goto-developer.logmeininc.com/how-get-access-token-and-organizer-key You’ll see this under the “2 – Request Access Token”  in the GoTo API documentation linked above: curl -X POST “https://api.getgo.com/oauth/v2/token” \ -H “Authorization: Basic {Base64 Encoded consumerKey and consumerSecret}” […]