Office365 SMTP AUTH XOAUTH2 Fails with “535 5.7.3 Authentication unsuccessful”

If you successfully minted an OAuth2 access token for your Azure Entra Id App, but then it fails when attempting to use it in the SMTP protocol for sending email with the error: AUTH XOAUTH2 user=xxx auth=Bearer ********************** 535 5.7.3 Authentication unsuccessful [BN9PXXXA0336.namprd03.prod.outlook.com 2024-04-16T12:11:26.548Z 08DC9999186DF999] Check your Entra Id App Registration to make sure you have the following App Permissions:

How to Troubleshoot Office365 IMAP AUTHENTICATE XOAUTH2 Failed

Question: We have an issue reading mail and we see the below error message in log Login: DllDate: Oct 27 2023 ChilkatVersion: 9.5.0.96 UnlockPrefix: *** UnlockStatus: 2 Architecture: Little Endian; 32-bit Language: *** VerboseLogging: 0 imapServer: outlook.office365.com loginX(2219ms): login: abc@example.com greeting: * OK The Microsoft Exchange IMAP4 service is ready. [***] authenticateXOAuth2(2219ms): xoauth2Imap(2219ms): ConnectionType: SSL/TLS ImapCmdSent: aaab AUTHENTICATE XOAUTH2 ImapCmdResp: […]

Office365 App Setup for SMTP, POP, IMAP OAuth2 Client Credentials

This blog post walks you through the complete Azure App Registration process, including the subsequent Exchange Online PowerShell commands needed to achieve the OAuth2 client credentials flow for Office365 email sending and reading via the SMTP, IMAP, and POP3 protocols. I wish there was an “easy button”, but unfortunately it does not exist. Step 1. Register an Azure App Go […]

ASP VBscript and Office365 OAuth2 Access Token

The Chilkat.OAuth2 class is designed for desktop applications, not server-side web applications. To explain further: The call to OAuth2.StartAuth does 2 things: Returns a URL you’ll open in a browser to interactively get authorization from the service’s account owner. Starts a background thread to act as a web server for the redirect request that will be forwarded from the local […]

Office365 SMTP: 535 5.7.139 Authentication unsuccessful, SmtpClientAuthentication is disabled for the Tenant.

This blog post is about the following error encountered when trying to send email via Chilkat.MailMan.SendEmail (using the SMTP protocol). smtpAuthenticate: smtp_host: smtp.office365.com smtp_port: 587 smtp_user: **** smtpAuthenticate: login_method: XOAUTH2 auth_xoauth2: username: **** sendCmdToSmtp: SmtpCmdSent: {PasswordOrCredentials} –sendCmdToSmtp readSmtpResponse: SmtpCmdResp: 535 5.7.139 Authentication unsuccessful, SmtpClientAuthentication is disabled for the Tenant. Visit https://aka.ms/smtp_auth_disabled for more information. [****.PROD.OUTLOOK.COM 2023-07-03T11:15:43.462Z ****] –readSmtpResponse –auth_xoauth2 Failed […]

Office365 POP3 Authenticate Fails but Previously Succeeded

It’s normal for OAuth2 access tokens to expire after some time, such as 1 hour, and then you’ll need to refresh and retry. For example, this error in the LastErrorText for a call to Pop3Authenticate could indicate the OAuth2 accces token expired: Pop3Authenticate: DllDate: Mar 28 2023 ChilkatVersion: 9.5.0.94 UnlockPrefix: *** Architecture: Little Endian; 32-bit Language: ActiveX VerboseLogging: 1 Pop3Authenticate: […]

office365.com SMTP, POP3, IMAP OAuth2 Tips, Hints, and Solutions

This page will be updated as time progresses with what we’ve learned about getting things working with OAuth2 authentication for office365.com using the email protocols: SMTP, POP3, and IMAP. How do Other Office365 Users Send Email using my App Registered in my Azure Active Directory? It’s important to understand Tenancy in Azure Active Directory Apps.   See this https://learn.microsoft.com/en-us/azure/active-directory/develop/single-and-multi-tenant-apps When you […]

Create Azure App Registration for use with IMAP, POP3, and SMTP

1) Go to https://portal.azure.com/#home and login to your Microsoft account. then go to Azure Active Directory.   2) Click On App Registrations * Copy your Tenant ID, you’ll need it later. 3) Click on “+ New registration” 4) Name your App and Click Register. Give it a name. For the Redirect URI, select “Web” and then use “http://localhost:3017/”. Your application […]

smtp.office365.com – Failed to get initial SMTP Response

If something on the client-side is blocking communications, such as a hardware or software firewall, or anti-virus, then it may be that a TLS connection is established, but then trying to read the 1st message from the server gets blocked.  When this happens, the contents of the LastErrorText look like this.   (The LastErrorText for a successful connection is shown below.) […]

SMTP / Office 365 / OAuth2 : SmtpCmdResp: 535 5.7.3 Authentication unsuccessful

Question: A customer wants to send emails with Office 365 and OAuth2 Authentication. The setup of the application in Azure is OK. It works for one user. For another user we have the following error: SmtpCmdResp: 535 5.7.3 Authentication unsuccessful [****.****.prod.outlook.com] For authentication I use the example: https://www.example-code.com/powerbuilder/office365_oauth2_access_token.asp What is surprising is that for the second user on same PC, […]