0 votes

Hello. I'm trying to follow your example https://www.limilabs.com/blog/oauth2-outlook-com-imap-installed-applications to read email with OAuth and IMAP for an Offce 365 account (a work account created by my company) but I don't get it to work.

I used the link in your example https://account.live.com/developers/applications/ to register my application. Microsoft say this page is deprecated and link to the new Azure portal. I tried both the old deprecated page and the new Azure portal to create the client id and secret, and get the same problem both times:

When I use the authorization endpoint https://login.live.com/oauth20_authorize.srf from your example then I get the error:
"unauthorized_client: The client does not exist or is not enabled for consumers"

In the Microsoft azure portal I find another authorization endpoint https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize
When I try this endpoint I get the error:
"The application X asked for scope wl.imap that doesn't exist on the resource"

Is your example supposed to work with an Office 365 account?
If yes, do you have any ideas why I'm getting errors?

by

1 Answer

0 votes

For Outlook.com you should be using:

  • auth endpoint => "https://login.live.com/oauth20_authorize.srf"
  • token endpoint => "https://login.live.com/oauth20_token.srf"
  • scopes => "wl.imap", "wl.emails", "wl.offline_access"

For Office 365:

  • Use Microsoft.Identity.Client nuget package
  • scopes => "offline_access", "email", "https://outlook.office.com/IMAP.AccessAsUser.All", "https://outlook.office.com/POP.AccessAsUser.All", "https://outlook.office.com/SMTP.Send",

Your app must be registered as described here:
https://docs.microsoft.com/en-us/graph/auth-register-app-v2

In short: on Azure Portal go to "Azure Active Directory / App Registrations / New Registration".

After registering, you need to add a new Client Secret for your registered application. You can do that using the "Certificates & secrets" menu within the "Azure Active Directory / App Registrations settings". You need to save the Client Secret value.

https://www.limilabs.com/blog/oauth2-outlook-com-imap-installed-applications

https://www.limilabs.com/blog/oauth2-outlook-com-imap-web-applications

For Office365/Exchange Online, consider reading this article:

https://www.limilabs.com/blog/oauth2-office365-exchange-imap-pop3-smtp

https://www.limilabs.com/blog/oauth2-password-grant-office365-exchange-imap-pop3-smtp

by (301k points)
edited by
I am not able to login to Office365 to read the emails.
Here is the code I am using

 using (var imap = new Imap())
                    {
                        imap.ConnectSSL("outlook.office365.com");   
                        imap.LoginOAUTH2(provider.EmailUserName, provider.AccessToken);
}

I have a valid token, I am able to send emails but not read emails.
Is there something I am missing?

Here is the error I am getting:

A9110002 NO AUTHENTICATE failed.
What scopes have you requested?
...