{"id":6211,"date":"2022-07-08T12:23:20","date_gmt":"2022-07-08T10:23:20","guid":{"rendered":"https:\/\/www.limilabs.com\/blog\/?p=6211"},"modified":"2025-01-29T10:27:03","modified_gmt":"2025-01-29T08:27:03","slug":"oauth2-client-credential-flow-office365-exchange-imap-pop3-smtp","status":"publish","type":"post","link":"https:\/\/www.limilabs.com\/blog\/oauth2-client-credential-flow-office365-exchange-imap-pop3-smtp","title":{"rendered":"OAuth 2.0 client credential flow with Office365\/Exchange IMAP\/POP3\/SMTP"},"content":{"rendered":"\n<div class=\"well\">\nIn this series:\n<p>&nbsp;<\/p>\n<ul>\n<li><a href=\"https:\/\/www.limilabs.com\/blog\/oauth2-office365-exchange-imap-pop3-smtp\">OAuth 2.0 with Office365\/Exchange IMAP\/POP3\/SMTP<\/a><\/li>\n\n<li><a href=\"https:\/\/www.limilabs.com\/blog\/oauth2-web-flow-office365-exchange-imap-pop3-smtp\">OAuth 2.0 web flow with Office365\/Exchange IMAP\/POP3\/SMTP<\/a><\/li>\n\n<li><a href=\"https:\/\/www.limilabs.com\/blog\/oauth2-password-grant-office365-exchange-imap-pop3-smtp\">OAuth 2.0 password grant with Office365\/Exchange IMAP\/POP3\/SMTP<\/a><\/li>\n\n<li><a href=\"https:\/\/www.limilabs.com\/blog\/oauth2-device-flow-office365-exchange-imap-pop3-smtp\">OAuth 2.0 device flow with Office365\/Exchange IMAP\/POP3\/SMTP<\/a><\/li>\n\n<li>OAuth 2.0 client credential flow with Office365\/Exchange IMAP\/POP3\/SMTP<\/li>\n\n<\/ul><\/div>\n\n\n\n<p>This article shows how to implement OAuth 2.0 client credential flow to access Office365 via IMAP, POP3  using <a href=\"\/mail\" title=\"Mail.dll email client\">Mail.dll .net email client<\/a>. This flow is particularly useful for daemon\/service apps that need to monitor certain mailboxes, without any user interaction.<\/p>\n\n\n\n<p><strong>Make sure IMAP\/POP3 is enabled<\/strong> for your organization and mailbox:<br><a href=\"\/blog\/office365-enable-imap-pop3-smtp\" title=\"Enable IMAP\/POP3\/SMTP on Office365\">Enable IMAP\/POP3\/SMTP in Office 365<\/a><\/p>\n\n\n\n<p><strong>Register your application in Azure Portal<\/strong>, here&#8217;s a detailed guide how to do that:<br><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/quickstart-register-app\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/quickstart-register-app<\/a> <\/p>\n\n\n\n<p><strong>Add permissions<\/strong> to your application in the&nbsp;<strong>API permissions<\/strong> \/ <strong>Add a permission&nbsp;<\/strong>wizard:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-5.png\"><img loading=\"lazy\" decoding=\"async\" width=\"740\" height=\"434\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-5.png\" alt=\"\" class=\"wp-image-6220\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-5.png 740w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-5-300x176.png 300w\" sizes=\"(max-width: 740px) 100vw, 740px\" \/><\/a><\/figure>\n\n\n\n<p>Select&nbsp;<strong><strong>APIs my organization uses<\/strong><\/strong>&nbsp;and search for <strong>&#8220;<em>Office 365 Exchange Online<\/em>&#8220;<\/strong>:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-4.png\"><img loading=\"lazy\" decoding=\"async\" width=\"702\" height=\"290\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-4.png\" alt=\"\" class=\"wp-image-6219\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-4.png 702w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-4-300x124.png 300w\" sizes=\"(max-width: 702px) 100vw, 702px\" \/><\/a><\/figure>\n\n\n\n<p>&#8230;then click&nbsp;<strong>Application permissions<\/strong>:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-3.png\"><img loading=\"lazy\" decoding=\"async\" width=\"831\" height=\"722\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-3.png\" alt=\"\" class=\"wp-image-6218\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-3.png 831w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-3-300x261.png 300w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-3-768x667.png 768w\" sizes=\"(max-width: 831px) 100vw, 831px\" \/><\/a><\/figure>\n\n\n\n<p>For POP access, choose the&nbsp;<strong>POP.AccessAsApp<\/strong>&nbsp;permission.<br>For IMAP access, choose the&nbsp;<strong>IMAP.AccessAsApp<\/strong>&nbsp;permission.<br>For SMTP access, choose the&nbsp;<strong><strong>SMTP.SendAsApp<\/strong><\/strong>&nbsp;permission.<\/p>\n\n\n\n<p>Remember to <strong>Grant admin consent<\/strong>:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-6.png\"><img loading=\"lazy\" decoding=\"async\" width=\"786\" height=\"407\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-6.png\" alt=\"\" class=\"wp-image-6221\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-6.png 786w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-6-300x155.png 300w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-6-768x398.png 768w\" sizes=\"(max-width: 786px) 100vw, 786px\" \/><\/a><\/figure>\n\n\n\n<p><strong>Create an application secret<\/strong> in Certificates &amp; secrets panel by clicking &#8216;New client secret&#8217; button:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-9.png\"><img loading=\"lazy\" decoding=\"async\" width=\"579\" height=\"382\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-9.png\" alt=\"\" class=\"wp-image-6233\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-9.png 579w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-9-300x198.png 300w\" sizes=\"(max-width: 579px) 100vw, 579px\" \/><\/a><\/figure>\n\n\n\n<p><strong>Note the secret value<\/strong> as it is shown only during creation.<\/p>\n\n\n\n<p>Use Windows PowerShell on your machine to <strong>Register service principals in Exchange<\/strong>. <\/p>\n\n\n\n<p>Set execution policy first:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\nSet-ExecutionPolicy RemoteSigned\n<\/pre><\/div>\n\n\n<p><strong>Install ExchangeOnlineManagement <\/strong>module:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\nInstall-Module -Name ExchangeOnlineManagement \nImport-Module ExchangeOnlineManagement \n<\/pre><\/div>\n\n\n<p><strong>Connect and log-in<\/strong> as an administrator (you&#8217;ll be prompted for password):<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\nConnect-ExchangeOnline\n -UserPrincipalName your-admin-account@your-domain.onmicrosoft.com\n<\/pre><\/div>\n\n\n<p>For Exchange running in <strong>hybrid mode<\/strong> log-in using following code:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\n$lc = Get-Credential\nConnect-ExchangeOnline -Credential $lc\n<\/pre><\/div>\n\n\n<p><strong>Create service principal<\/strong><\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\nNew-ServicePrincipal\n -AppId &lt;APPLICATION_ID&gt;\n -ServiceId &lt;OBJECT_ID&gt; \n &#x5B;-Organization &lt;ORGANIZATION_ID&gt;]\n<\/pre><\/div>\n\n\n<p>You can find ApplicationId and ObjectId in <strong>Enterprise applications<\/strong> in your application&#8217;s <strong>Overview<\/strong> panel:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-7.png\"><img loading=\"lazy\" decoding=\"async\" width=\"566\" height=\"327\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-7.png\" alt=\"\" class=\"wp-image-6222\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-7.png 566w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/07\/image-7-300x173.png 300w\" sizes=\"(max-width: 566px) 100vw, 566px\" \/><\/a><\/figure>\n\n\n\n<p>Make sure you use the<strong> Object ID<\/strong> from the&nbsp;<strong>Enterprise Application<\/strong>.&nbsp;<\/p>\n\n\n\n<p><strong><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">Do not use <\/mark><\/strong>the&nbsp;value from the App Registration screen.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/10\/image-7.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"296\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/10\/image-7-1024x296.png\" alt=\"\" class=\"wp-image-6392\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/10\/image-7-1024x296.png 1024w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/10\/image-7-300x87.png 300w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/10\/image-7-768x222.png 768w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/10\/image-7.png 1175w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n\n<p>In our case:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\nNew-ServicePrincipal\n -AppId 061851f7-08c0-40bf-99c1-ebd489c11f16\n -ServiceId 4352fc11-5c2f-4b0b-af40-447ff10664e8\n<\/pre><\/div>\n\n\n<p>Note: If you still get an <strong>error running the New-ServicePrincipal <\/strong>cmdlet after you perform these steps, it is likely due to the fact that<strong> <\/strong>the <strong>user doesn&#8217;t have enough permissions in Exchange online<\/strong> to perform the operation. By default this cmdlet is available to users assigned the&nbsp;<strong>Role Management<\/strong>&nbsp;role<\/p>\n\n\n\n<p><strong>Add permissions<\/strong> to a specific mailbox:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\nAdd-MailboxPermission\n -Identity &quot;&lt;USER@your-domain.onmicrosoft.com&gt;&quot;\n -User &lt;OBJECT_ID&gt;\n -AccessRights FullAccess\n<\/pre><\/div>\n\n\n<p>In our case:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\nAdd-MailboxPermission\n -Identity &quot;AdeleV@your-domain.onmicrosoft.com&quot;\n -User 4352fc11-5c2f-4b0b-af40-447ff10664e8\n -AccessRights FullAccess\n<\/pre><\/div>\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image.png\"><img loading=\"lazy\" decoding=\"async\" width=\"963\" height=\"215\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image.png\" alt=\"\" class=\"wp-image-6322\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image.png 963w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image-300x67.png 300w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image-768x171.png 768w\" sizes=\"(max-width: 963px) 100vw, 963px\" \/><\/a><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Shared mailboxes<\/h2>\n\n\n\n<p>You need to use Add-MailboxPermission for every shared mailbox you need access to:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: csharp; title: ; notranslate\" title=\"\">\nAdd-MailboxPermission\n -Identity &quot;shared@your-domain.onmicrosoft.com&quot;\n -User &lt;OBJECT_ID&gt;\n -AccessRights FullAccess\n<\/pre><\/div>\n\n\n<h2 class=\"wp-block-heading\">Let&#8217;s code<\/h2>\n\n\n\n<p>Use&nbsp;Microsoft Authentication Library for .NET (MSAL.NET) nuget package to obtain an access token:<br> <a href=\"https:\/\/www.nuget.org\/packages\/Microsoft.Identity.Client\/\">https:\/\/www.nuget.org\/packages\/Microsoft.Identity.Client\/<\/a>  <\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: csharp; title: ; notranslate\" title=\"\">\n\/\/ C#\n\nstring clientId = &quot;Application (client) ID&quot;;    \/\/ 061851f7-...\nstring tenantId = &quot;Directory (tenant) ID&quot;;\nstring clientSecret = &quot;Client secret value&quot;;\n\nstring userName = &quot;Username\/email for mailbox&quot;;    \/\/ AdeleV@...\n\nvar app = ConfidentialClientApplicationBuilder\n    .Create(clientId)\n    .WithTenantId(tenantId)\n    .WithClientSecret(clientSecret)\n    .Build();\n\nstring&#x5B;] scopes = new string&#x5B;] { \n    &quot;https:\/\/outlook.office365.com\/.default&quot; \n};\n<\/pre><\/div>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: vb; title: ; notranslate\" title=\"\">\n' VB.NET\n\nDim clientId As String = &quot;Application (client) ID&quot; ' 061851f7-...\nDim tenantId As String = &quot;Directory (tenant) ID&quot;\nDim clientSecret As String = &quot;Client secret value&quot;\n\nDim userName As String = &quot;Username\/email for mailbox&quot;  'AdeleV@...\n\nDim app = ConfidentialClientApplicationBuilder.Create(clientId) _\n    .WithTenantId(tenantId) _\n    .WithClientSecret(clientSecret) _\n    .Build()\n\nDim scopes As String() = New String() { _\n    &quot;https:\/\/outlook.office365.com\/.default&quot; _\n}\n<\/pre><\/div>\n\n\n<p>Now acquire an access token: <\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: csharp; title: ; notranslate\" title=\"\">\n\/\/ C#\n\nvar result = await app.AcquireTokenForClient(scopes)\n    .ExecuteAsync();\n\nstring accessToken = result.AccessToken;\n<\/pre><\/div>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: vb; title: ; notranslate\" title=\"\">\n' VB.NET\n\nDim result = Await app.AcquireTokenForClient(scopes).ExecuteAsync()\nDim accessToken As String = result.AccessToken\n<\/pre><\/div>\n\n\n<p>Finally you can connect using IMAP\/POP3, authenticate and download user&#8217;s emails:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: csharp; title: ; notranslate\" title=\"\">\n\/\/ C#\n\nusing (Imap client = new Imap())\n{\n    client.ConnectSSL(&quot;outlook.office365.com&quot;);\n    client.LoginOAUTH2(userName, accessToken);\n \n    client.SelectInbox();\n\n    List&lt;long&gt; uids = imap.Search(Flag.Unseen);\n    foreach (long uid in uids)\n    {\n        IMail email = new MailBuilder()\n                .CreateFromEml(imap.GetMessageByUID(uid));\n        string subject = email.Subject;\n   }\n\n   client.Close();\n} \n<\/pre><\/div>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: vb; title: ; notranslate\" title=\"\">\n' VB.NET\n\nUsing client As Imap = New Imap()\n    client.ConnectSSL(&quot;outlook.office365.com&quot;)\n    client.LoginOAUTH2(userName, accessToken)\n\n    client.SelectInbox()\n\n    Dim uids As List(Of Long) = imap.Search(Flag.Unseen)\n    For Each uid As Long In uids\n        Dim email As IMail = New MailBuilder() _\n            .CreateFromEml(imap.GetMessageByUID(uid))\n        Dim subject As String = email.Subject\n    Next\n\n    client.Close()\nEnd Using\n<\/pre><\/div>\n\n\n<h2 class=\"wp-block-heading\">SMTP<\/h2>\n\n\n\n<p>Microsoft <strong>started supporting&nbsp;client credential<\/strong>&nbsp;flow and SMTP recently.<\/p>\n\n\n\n<p>SMTP requires <strong>SMTP.SendAsApp<\/strong> permission added to your AD application.<\/p>\n\n\n\n<p>All other OAuth flows (<a href=\"https:\/\/www.limilabs.com\/blog\/oauth2-web-flow-office365-exchange-imap-pop3-smtp\">web<\/a>,&nbsp;<a href=\"https:\/\/www.limilabs.com\/blog\/oauth2-office365-exchange-imap-pop3-smtp\">desktop<\/a>,&nbsp;<a href=\"https:\/\/www.limilabs.com\/blog\/oauth2-password-grant-office365-exchange-imap-pop3-smtp\">password grant<\/a>,&nbsp;<a href=\"https:\/\/www.limilabs.com\/blog\/oauth2-device-flow-office365-exchange-imap-pop3-smtp\">device<\/a>) support SMTP client access as well.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">For SMTP non-OAuth2 access:<\/h3>\n\n\n\n<p>&#8220;<strong>SMTP AUTH will still be available<\/strong>&nbsp;when Basic authentication is permanently disabled on October 1, 2022.&#8221; (<a href=\"https:\/\/docs.microsoft.com\/en-us\/exchange\/clients-and-mobile-in-exchange-online\/deprecation-of-basic-authentication-exchange-online\">https:\/\/docs.microsoft.com\/en-us\/exchange\/clients-and-mobile-in-exchange-online\/deprecation-of-basic-authentication-exchange-online<\/a>)<\/p>\n\n\n\n<p>However Microsoft disables SMTP AUTH in all tenants in which it&#8217;s not being used.<\/p>\n\n\n\n<p>Here&#8217;s how to&nbsp;<strong>enable SMTP AUTH<\/strong>:<br><a href=\"https:\/\/learn.microsoft.com\/en-us\/exchange\/clients-and-mobile-in-exchange-online\/authenticated-client-smtp-submission\">https:\/\/learn.microsoft.com\/en-us\/exchange\/clients-and-mobile-in-exchange-online\/authenticated-client-smtp-submission<\/a><\/p>\n\n\n\n<p>Additionally Exchange Online will permanently remove support for Basic authentication with SMTP submission in <strong>September 2025<\/strong>:<br><a href=\"https:\/\/techcommunity.microsoft.com\/blog\/exchange\/exchange-online-to-retire-basic-auth-for-client-submission-smtp-auth\/4114750\">https:\/\/techcommunity.microsoft.com\/blog\/exchange\/exchange-online-to-retire-basic-auth-for-client-submission-smtp-auth\/4114750<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Troubleshooting<\/h2>\n\n\n\n<p>1. Start with <strong>PowerShell <\/strong>commands:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\nGet-ServicePrincipal\nGet-MailboxPermission -Identity &quot;AdeleV@your-domain.onmicrosoft.com&quot;\n<\/pre><\/div>\n\n\n<p>You should see following results:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image-1.png\"><img loading=\"lazy\" decoding=\"async\" width=\"679\" height=\"202\" src=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image-1.png\" alt=\"\" class=\"wp-image-6326\" srcset=\"https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image-1.png 679w, https:\/\/www.limilabs.com\/blog\/wp-content\/uploads\/2022\/09\/image-1-300x89.png 300w\" sizes=\"(max-width: 679px) 100vw, 679px\" \/><\/a><\/figure>\n\n\n\n<p>Make sure the <strong>ServiceId <\/strong>is the same as the<strong> Object ID<\/strong> on the <strong>Enterprise Application<\/strong> screen (<strong><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">do not <\/mark><\/strong>use the&nbsp;value from the App Registration screen)<\/p>\n\n\n\n<p>Make sure the <strong>AppId <\/strong>is the same as the<strong> Application ID<\/strong> on the <strong>Enterprise Application<\/strong> screen<\/p>\n\n\n\n<p>2. Check if you can connect to this account using <strong>IMAP <\/strong>and regular interactive flow: <\/p>\n\n\n\n<p><a href=\"https:\/\/www.limilabs.com\/blog\/office-365-oauth-2-0-imap-pop3-email-client-connectivity-tools\">https:\/\/www.limilabs.com\/blog\/office-365-oauth-2-0-imap-pop3-email-client-connectivity-tools<\/a><\/p>\n\n\n\n<p>This proves you have IMAP access properly configured.<\/p>\n\n\n\n<p>3. Check if you added correct permissions and have granted <strong>Admin consent<\/strong> for your domain.<\/p>\n\n\n\n<p>4. Usually people use&nbsp;<strong>incorrect client\/tenant ids<\/strong>\/secrets &#8211; double check every single value you enter (also for additional spaces).<\/p>\n\n\n\n<p>5. You may need to <strong>wait 20-30 minutes<\/strong>&nbsp;for some changes to take effect (it really may take this long!).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Additional links<\/h2>\n\n\n\n<p>https:\/\/docs.microsoft.com\/en-us\/powershell\/exchange\/exchange-online-powershell-v2?view=exchange-ps#install-and-maintain-the-exo-v2-module <br>https:\/\/docs.microsoft.com\/en-us\/exchange\/client-developer\/legacy-protocols\/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#use-client-credentials-grant-flow-to-authenticate-imap-and-pop-connections<\/p>\n\n\n\n<br \/>\n<a class=\"btn btn-primary btn-largest btn-action\" href=\"\/mail\/download\">Get Mail.dll<\/a>\n<br \/>\n","protected":false},"excerpt":{"rendered":"<p>In this series: &nbsp; OAuth 2.0 with Office365\/Exchange IMAP\/POP3\/SMTP OAuth 2.0 web flow with Office365\/Exchange IMAP\/POP3\/SMTP OAuth 2.0 password grant with Office365\/Exchange IMAP\/POP3\/SMTP OAuth 2.0 device flow with Office365\/Exchange IMAP\/POP3\/SMTP OAuth 2.0 client credential flow with Office365\/Exchange IMAP\/POP3\/SMTP This article shows how to implement OAuth 2.0 client credential flow to access Office365 via IMAP, POP3 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[28,84,122,42,50],"class_list":["post-6211","post","type-post","status-publish","format-standard","hentry","category-mail-dll","tag-imap","tag-oauth-2-0","tag-office365","tag-pop3","tag-smtp"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/6211"}],"collection":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/comments?post=6211"}],"version-history":[{"count":41,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/6211\/revisions"}],"predecessor-version":[{"id":6668,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/6211\/revisions\/6668"}],"wp:attachment":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/media?parent=6211"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/categories?post=6211"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/tags?post=6211"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}