See https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#use-client-credentials-grant-flow In my opinion, this is still too complicated. An “easy button” is needed.
It’s normal for OAuth2 access tokens to expire after some time, such as 1 hour, and then you’ll need to refresh and retry. For example, this error in the LastErrorText for a call to Pop3Authenticate could indicate the OAuth2 accces token expired: Pop3Authenticate: DllDate: Mar 28 2023 ChilkatVersion: 9.5.0.94 UnlockPrefix: *** Architecture: Little Endian; 32-bit Language: ActiveX VerboseLogging: 1 Pop3Authenticate: […]
The “client credentials” OAuth2 flow is allowed by many REST API’s for the case where a program is running in a non-interactive environment. It’s simply an HTTP POST where the client_id and client_secret are sent, and the OAuth2 access token is returned. If you have a sample CURL statement that demonstrates how to do it, you can generate Chilkat source […]
This page will be updated as time progresses with what we’ve learned about getting things working with OAuth2 authentication for office365.com using the email protocols: SMTP, POP3, and IMAP. How do Other Office365 Users Send Email using my App Registered in my Azure Active Directory? It’s important to understand Tenancy in Azure Active Directory Apps. See this https://learn.microsoft.com/en-us/azure/active-directory/develop/single-and-multi-tenant-apps When you […]
Here I’m just relaying bits of knowledge from a great Chilkat customer… “I learned meanwhile that Microsoft doesn’t like mixing “resources”, so if you request something from “Graph” resource and “Outlook” resource, they are incompatible resources, so you have to request different tokens for both, or request resource for only Graph and then refresh token only for “Outlook” resources – […]
This post documents how to implement Modern Authentication (OAuth2) for Office365 for the IMAP, POP3, and SMTP protocols. The very first thing you’ll need to do is to create an “App Registration” in Azure Active Directory. See this Chilkat blog post for Instructions for Setting Up an App Registration in Azure for Modern Authentication for IMAP, SMTP, and POP3. It’s […]
Microsoft is deprecating Basic authentication in Exchange Online, as announced here: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online “This decision requires customers to move from apps that use basic authentication to apps that use Modern authentication. Modern authentication (OAuth 2.0 token-based authorization) has many benefits and improvements that help mitigate the issues in basic authentication. For example, OAuth access tokens have a limited usable lifetime, and […]
Question: I would like to know if Chilkat is affected by the new security measures taken by Google concerning “Loopback IP Adresses” or “OAuth out-of-band (oob)” https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html https://developers.google.com/identity/protocols/oauth2/native-app#redirect-uri_loopback Answer: Chilkat does not use “oob”, so it’s not an issue. The loopback address, such as “http://localhost:port/”, remains valid if you define your app in the Google Developers Console as a “Desktop […]
Question: A customer wants to send emails with Office 365 and OAuth2 Authentication. The setup of the application in Azure is OK. It works for one user. For another user we have the following error: SmtpCmdResp: 535 5.7.3 Authentication unsuccessful [****.****.prod.outlook.com] For authentication I use the example: https://www.example-code.com/powerbuilder/office365_oauth2_access_token.asp What is surprising is that for the second user on same PC, […]
OAuth2 authentication for desktop apps. Many developers don’t realize that the Chilkat OAuth2 class is for desktop applications. Doing OAuth2 in a web application (where your code runs on a web server) is relatively easy and does not require Chilkat (although Chilkat can be used to assist with some mundane tasks). Working/live examples are provided on the Chilkat Tools […]