IMAP over Oauth2 for Office 365 without user login

Question

We are trying to log into the appreg using the following but it seems to be erroring out and say Limilabs.Client.IMAP.ImapResponseException: 'AUTHENTICATE failed.'

IConfidentialClientApplication app;

app = ConfidentialClientApplicationBuilder.Create(clientID)
    .WithClientSecret(clientSecret)
    .WithAuthority(authoriseEndpoint)
    .Build();

var result = await app.AcquireTokenForClient(scopes)
    .ExecuteAsync();


using (Imap client = new Imap())
{
    client.ConnectSSL("outlook.office365.com");
    client.LoginOAUTH2(userEmail, result.AccessToken);

    client.Select("Inbox");

    var count = client.CurrentFolder.MessageCount;
    Console.WriteLine( count + " message(s) in Inbox");

    client.Close();
}

Please let us know if this is supported.

Answer 1

Mail.dll supports OAuth2. The problem you might be facing here is on the Office365 side: I think Office365 doesn't allow using ConfidentialClient with IMAP.

I'm not sure about it to be honest, but it seems that Exchange/Office365 doesn't support 'OAuth2 client credentials grant flow'.

It supports 'OAuth2 authorization code flow' and 'OAuth2 Device authorization grant flow' only - access token on behalf of a user flows.

Please contact Office365 support for clarification.

[Edit]

Consider using password grant flow:

https://www.limilabs.com/blog/oauth2-password-grant-office365-exchange-imap-pop3-smtp

-or-

https://www.limilabs.com/blog/oauth2-office365-exchange-imap-pop3-smtp