May 13, 2024

InvalidAuthenticationToken message IDX14100 JWT is not well formed, there are no dots

Question: When I try to send: Set resp = http.PostJson2(“https://graph.microsoft.com/v1.0/me/sendMail”,”application/json”,json.Emit()) I am getting this response: { “error”: { “code”: “InvalidAuthenticationToken”, “message”: “IDX14100: JWT is not well formed, there are no dots (.). The token needs to be in JWS or JWE Compact Serialization Format. (JWS): ‘EncodedHeader.EndcodedPayload.EncodedSignature’. (JWE): ‘EncodedProtectedHeader.EncodedEncryptedKey.EncodedInitializationVector.EncodedCiphertext.EncodedAuthenticationTag’.”, “innerError”: { “date”: “2024-05-13T15:26:14”, “request-id”: “…”, “client-request-id”: “…” } } } Failed, […]

OAuth2 0 1 min read
April 17, 2024

Office365 SMTP AUTH XOAUTH2 Fails with “535 5.7.3 Authentication unsuccessful”

If you successfully minted an OAuth2 access token for your Azure Entra Id App, but then it fails when attempting to use it in the SMTP protocol for sending email with the error: AUTH XOAUTH2 user=xxx auth=Bearer ********************** 535 5.7.3 Authentication unsuccessful [BN9PXXXA0336.namprd03.prod.outlook.com 2024-04-16T12:11:26.548Z 08DC9999186DF999] Check your Entra Id App Registration to make sure you have the following App Permissions:

Office365 0 20 sec read
December 24, 2023

Office365 App Setup for SMTP, POP, IMAP OAuth2 Client Credentials

This blog post walks you through the complete Azure App Registration process, including the subsequent Exchange Online PowerShell commands needed to achieve the OAuth2 client credentials flow for Office365 email sending and reading via the SMTP, IMAP, and POP3 protocols. I wish there was an “easy button”, but unfortunately it does not exist. Step 1. Register an Azure App Go […]

OAuth2 0 3 min read
November 20, 2023

OAuth2 in a DataFlex Web Application

Question: I have seen that your lib support OAuth2 for DataFlex-Framework but only for Desktop-Clients.  Is it correct or is there any support for DataFlex-Web-Applications? Answer: The functionality Chilkat provides in desktop applications for the OAuth2 authorization code flow, is to make your desktop application behave as a temporary web server to receive the single local HTTP redirect request from […]

DataFlex 0 2 min read
November 11, 2023

OAuth2 Client Credentials – for when YOUR application is accessing resources in YOUR account (not somebody else’s)

OAuth2 Client Credentials can be used for authentication when you own the application, and you also own the account (such as Office 365, or Google, etc.) that your application will access. In other words, YOUR application is simply accessing resources in YOUR account, and YOU are the application user (or your application is running as a service or background process). […]

OAuth2 0 1 min read
July 25, 2023

ASP VBscript and Office365 OAuth2 Access Token

The Chilkat.OAuth2 class is designed for desktop applications, not server-side web applications. To explain further: The call to OAuth2.StartAuth does 2 things: Returns a URL you’ll open in a browser to interactively get authorization from the service’s account owner. Starts a background thread to act as a web server for the redirect request that will be forwarded from the local […]

Uncategorized 0 1 min read
July 9, 2023

Clarifying the Desktop Application OAuth2 Flow

To clarify further: When your desktop application (or script) calls Chilkat.OAuth2.StartAuth, two things happen: It returns a URL that you need to open in a web browser to obtain authorization interactively from the account owner of the service you are integrating with. It initiates a background thread that acts as a web server to handle the redirect request sent from […]

Uncategorized 0 55 sec read
June 15, 2023

Office365 POP3 Authenticate Fails but Previously Succeeded

It’s normal for OAuth2 access tokens to expire after some time, such as 1 hour, and then you’ll need to refresh and retry. For example, this error in the LastErrorText for a call to Pop3Authenticate could indicate the OAuth2 accces token expired: Pop3Authenticate: DllDate: Mar 28 2023 ChilkatVersion: 9.5.0.94 UnlockPrefix: *** Architecture: Little Endian; 32-bit Language: ActiveX VerboseLogging: 1 Pop3Authenticate: […]

Uncategorized 0 2 min read
June 13, 2023

Getting an OAuth2 access token using “client credentials” does not require interactivity with a browser

The “client credentials” OAuth2 flow is allowed by many REST API’s for the case where a program is running in a non-interactive environment. It’s simply an HTTP POST where the client_id and client_secret are sent, and the OAuth2 access token is returned. If you have a sample CURL statement that demonstrates how to do it, you can generate Chilkat source […]

Uncategorized 0 48 sec read

Tags

ActiveX asp async asynchronous C# callbacks charset Delphi email Encryption error messages events exchange server FTP GMail HTTP IMAP IOS Java Linking MHT MIME oauth2 Office365 pfx PHP pop3 port-forwarding regsvr32 release notes RSA SFTP SMTP socket SSH SSL TLS tunnel upload vb6 VC++ x64 xades XML zip