IMAP over Oauth2 for Office 365 without user login

0 votes

We are trying to log into the appreg using the following but it seems to be erroring out and say Limilabs.Client.IMAP.ImapResponseException: 'AUTHENTICATE failed.'

IConfidentialClientApplication app;

app = ConfidentialClientApplicationBuilder.Create(clientID)
    .WithClientSecret(clientSecret)
    .WithAuthority(authoriseEndpoint)
    .Build();

var result = await app.AcquireTokenForClient(scopes)
    .ExecuteAsync();


using (Imap client = new Imap())
{
    client.ConnectSSL("outlook.office365.com");
    client.LoginOAUTH2(userEmail, result.AccessToken);

    client.Select("Inbox");

    var count = client.CurrentFolder.MessageCount;
    Console.WriteLine( count + " message(s) in Inbox");

    client.Close();
}

Please let us know if this is supported.

by (210 points)

1 Answer

+1 vote

Mail.dll supports OAuth2. The problem you might be facing here is on the Office365 side: I think Office365 doesn't allow using ConfidentialClient with IMAP.

I'm not sure about it to be honest, but it seems that Exchange/Office365 doesn't support 'OAuth2 client credentials grant flow'.

It supports 'OAuth2 authorization code flow' and 'OAuth2 Device authorization grant flow' only - access token on behalf of a user flows.

Please contact Office365 support for clarification.

[Edit]

Consider using password grant flow:

https://www.limilabs.com/blog/oauth2-password-grant-office365-exchange-imap-pop3-smtp

-or-

https://www.limilabs.com/blog/oauth2-office365-exchange-imap-pop3-smtp

by (297k points)
...