May 11, 2022

SMTP / Office 365 / OAuth2 : SmtpCmdResp: 535 5.7.3 Authentication unsuccessful

Question:

A customer wants to send emails with Office 365
and OAuth2 Authentication.

The setup of the application in Azure is OK. It works for one user.

For another user we have the following error: 
SmtpCmdResp: 535 5.7.3 Authentication unsuccessful [****.****.prod.outlook.com]

For authentication I use the example: 
https://www.example-code.com/powerbuilder/office365_oauth2_access_token.asp

What is surprising is that for the second user on same PC, 
StartAuth() directly authenticates the user without going through Office365 consent.

Could you help me understand this problem?

Answer:

The call to StartAuth returns a URL that your application must launch in a browser to interactively get permission from the Office365 account owner to allow your application to send email. In the 1st try (with the 1st user) the browser did not have any cached credentials, or logged-in state and the login dialog is displayed. The browser then saved (cached) the credentials of the 1st user. When you re-launched the browser for the URL returned by the 2nd call to StartUrl (or perhaps launched a new tab in the existing browser), the browser automatically used the saved/cached login credentials of the 1st user. Thus you got an access token for the 1st user and if fails when attempting to use it with the 2nd user’s SMTP login.

The solution is to prevent the browser from caching the credentials of the 1st user to force the login dialog for the 2nd user. (The browser and its behavior for caching credentials is outside the control of Chilkat.)

admin
0
Tags :

Tags

ActiveX asp async asynchronous C# callbacks charset Delphi email Encryption error messages events exchange server FTP GMail HTTP IMAP IOS Java Linking MHT MIME oauth2 Office365 pfx PHP pop3 port-forwarding regsvr32 release notes RSA SFTP SMTP socket SSH SSL TLS tunnel upload vb6 VC++ x64 xades XML zip