May 13, 2024

InvalidAuthenticationToken message IDX14100 JWT is not well formed, there are no dots

Question: When I try to send: Set resp = http.PostJson2(“https://graph.microsoft.com/v1.0/me/sendMail”,”application/json”,json.Emit()) I am getting this response: { “error”: { “code”: “InvalidAuthenticationToken”, “message”: “IDX14100: JWT is not well formed, there are no dots (.). The token needs to be in JWS or JWE Compact Serialization Format. (JWS): ‘EncodedHeader.EndcodedPayload.EncodedSignature’. (JWE): ‘EncodedProtectedHeader.EncodedEncryptedKey.EncodedInitializationVector.EncodedCiphertext.EncodedAuthenticationTag’.”, “innerError”: { “date”: “2024-05-13T15:26:14”, “request-id”: “…”, “client-request-id”: “…” } } } Failed, […]

OAuth2 0 1 min read
December 24, 2023

Office365 App Setup for SMTP, POP, IMAP OAuth2 Client Credentials

This blog post walks you through the complete Azure App Registration process, including the subsequent Exchange Online PowerShell commands needed to achieve the OAuth2 client credentials flow for Office365 email sending and reading via the SMTP, IMAP, and POP3 protocols. I wish there was an “easy button”, but unfortunately it does not exist. Step 1. Register an Azure App Go […]

OAuth2 0 3 min read
November 20, 2023

OAuth2 in a DataFlex Web Application

Question: I have seen that your lib support OAuth2 for DataFlex-Framework but only for Desktop-Clients.  Is it correct or is there any support for DataFlex-Web-Applications? Answer: The functionality Chilkat provides in desktop applications for the OAuth2 authorization code flow, is to make your desktop application behave as a temporary web server to receive the single local HTTP redirect request from […]

DataFlex 0 2 min read
November 11, 2023

OAuth2 Client Credentials – for when YOUR application is accessing resources in YOUR account (not somebody else’s)

OAuth2 Client Credentials can be used for authentication when you own the application, and you also own the account (such as Office 365, or Google, etc.) that your application will access. In other words, YOUR application is simply accessing resources in YOUR account, and YOU are the application user (or your application is running as a service or background process). […]

OAuth2 0 1 min read
December 12, 2022

office365.com SMTP, POP3, IMAP OAuth2 Tips, Hints, and Solutions

This page will be updated as time progresses with what we’ve learned about getting things working with OAuth2 authentication for office365.com using the email protocols: SMTP, POP3, and IMAP. How do Other Office365 Users Send Email using my App Registered in my Azure Active Directory? It’s important to understand Tenancy in Azure Active Directory Apps.   See this https://learn.microsoft.com/en-us/azure/active-directory/develop/single-and-multi-tenant-apps When you […]

OAuth2 0 1 min read
October 30, 2022

Microsoft Graph, Outlook, OAuth2, Resources, Audiences…

Here I’m just relaying bits of knowledge from a great Chilkat customer… “I learned meanwhile that Microsoft doesn’t like mixing “resources”, so if you request something from “Graph” resource and “Outlook” resource, they are incompatible resources, so you have to request different tokens for both, or request resource for only Graph and then refresh token only for “Outlook” resources – […]

Microsoft Graph 0 51 sec read
October 24, 2022

Microsoft Azure OAuth2 Redirect URI Notes

Here are some notes regarding OAuth2 Redirect URI’s for Microsoft Azure AD apps. See https://learn.microsoft.com/en-us/azure/active-directory/develop/reply-url A few important points: You can add http://127.0.0.1, and it is preferred over http://localhost because of misconfigured firewalls or hosts file etc.   127.0.0.1 is the loopback address and localhost is just translated into 127.0.0.1. The only pitfall is that you have to add it as […]

OAuth2 0 51 sec read
August 11, 2022

How to Create Microsoft Graph App (in Azure Portal) for Client Credentials Authentication

1) Go to https://portal.azure.com/#home and login to your Microsoft account. Then click on Azure Active Directory 2) Click on “App registrations” Copy your Tenant ID, you’ll need it later. 3) Click on “+ New registration” 4) Name Your App and Click Register Give it a name (can be anything) and click Register.  Given that the intended authentication is by client […]

Client Credentials 0 1 min read
June 2, 2022

New Security Measures taken by Google concerning “Loopback IP Adresses” or “OAuth out-of-band (oob)”

Question:  I would like to know if Chilkat is affected by the new security measures taken by Google concerning “Loopback IP Adresses” or “OAuth out-of-band (oob)” https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html https://developers.google.com/identity/protocols/oauth2/native-app#redirect-uri_loopback Answer:   Chilkat does not use “oob”, so it’s not an issue. The loopback address, such as “http://localhost:port/”, remains valid if you define your app in the Google Developers Console as a “Desktop […]

OAuth2 0 51 sec read
May 11, 2022

SMTP / Office 365 / OAuth2 : SmtpCmdResp: 535 5.7.3 Authentication unsuccessful

Question: A customer wants to send emails with Office 365 and OAuth2 Authentication. The setup of the application in Azure is OK. It works for one user. For another user we have the following error: SmtpCmdResp: 535 5.7.3 Authentication unsuccessful [****.****.prod.outlook.com] For authentication I use the example: https://www.example-code.com/powerbuilder/office365_oauth2_access_token.asp What is surprising is that for the second user on same PC, […]

OAuth2 0 1 min read

Tags

ActiveX asp async asynchronous C# callbacks charset Delphi email Encryption error messages events exchange server FTP GMail HTTP IMAP IOS Java Linking MHT MIME oauth2 Office365 pfx PHP pop3 port-forwarding regsvr32 release notes RSA SFTP SMTP socket SSH SSL TLS tunnel upload vb6 VC++ x64 xades XML zip