Here I’m just relaying bits of knowledge from a great Chilkat customer… “I learned meanwhile that Microsoft doesn’t like mixing “resources”, so if you request something from “Graph” resource and “Outlook” resource, they are incompatible resources, so you have to request different tokens for both, or request resource for only Graph and then refresh token only for “Outlook” resources – […]
This post documents how to implement Modern Authentication (OAuth2) for Office365 for the IMAP, POP3, and SMTP protocols. The very first thing you’ll need to do is to create an “App Registration” in Azure Active Directory. See this Chilkat blog post for Instructions for Setting Up an App Registration in Azure for Modern Authentication for IMAP, SMTP, and POP3. It’s […]
Microsoft is deprecating Basic authentication in Exchange Online, as announced here: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online “This decision requires customers to move from apps that use basic authentication to apps that use Modern authentication. Modern authentication (OAuth 2.0 token-based authorization) has many benefits and improvements that help mitigate the issues in basic authentication. For example, OAuth access tokens have a limited usable lifetime, and […]
Question: I would like to know if Chilkat is affected by the new security measures taken by Google concerning “Loopback IP Adresses” or “OAuth out-of-band (oob)” https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html https://developers.google.com/identity/protocols/oauth2/native-app#redirect-uri_loopback Answer: Chilkat does not use “oob”, so it’s not an issue. The loopback address, such as “http://localhost:port/”, remains valid if you define your app in the Google Developers Console as a “Desktop […]
Question: A customer wants to send emails with Office 365 and OAuth2 Authentication. The setup of the application in Azure is OK. It works for one user. For another user we have the following error: SmtpCmdResp: 535 5.7.3 Authentication unsuccessful [****.****.prod.outlook.com] For authentication I use the example: https://www.example-code.com/powerbuilder/office365_oauth2_access_token.asp What is surprising is that for the second user on same PC, […]
OAuth2 authentication for desktop apps. Many developers don’t realize that the Chilkat OAuth2 class is for desktop applications. Doing OAuth2 in a web application (where your code runs on a web server) is relatively easy and does not require Chilkat (although Chilkat can be used to assist with some mundane tasks). Working/live examples are provided on the Chilkat Tools […]
This post is about Xero OAuth2 for desktop apps, but the same concepts generally apply to all other applications (REST API apps) using OAuth2. What many developers don’t initially realize (if new to OAuth2) is that an “App” needs to be defined in the developer portal for the service (i.e. Xero in this case). For Xero, you would login to […]
This blog post covers from start to finish the process for getting a desktop application working with GMail using the IMAP protocol with OAuth2 authentication. Start here: https://console.developers.google.com/apis/credentials (1) The first step is to create credentials. Your app is a desktop application. HOWEVER, you will be creating credentials as if your app is a web app. See this YouTube video […]
Some OAuth2 token endpoints want the Client ID/Client Secret to be included using HTTP Basic Authentication. For example, we can look at the documentation for the GoToMeeting API at https://goto-developer.logmeininc.com/how-get-access-token-and-organizer-key You’ll see this under the “2 – Request Access Token” in the GoTo API documentation linked above: curl -X POST “https://api.getgo.com/oauth/v2/token” \ -H “Authorization: Basic {Base64 Encoded consumerKey and consumerSecret}” […]
There is much confusion and worry about Microsoft’s plans to disable standard password authentication for the IMAP, and POP3 protocols. Here is the announcement posted on 20-Sept-2019 on the Office 365 blog: https://developer.microsoft.com/en-us/office/blogs/end-of-support-for-basic-authentication-access-to-exchange-online-apis-for-office-365-customers/ Chilkat already supports OAuth2 for the IMAP, POP3, and SMTP protocols. (Microsoft will continue to support basic auth for SMTP) In all three protocols, an application can […]