0

Good Afternoon,

I have an application and we're trying to connect to out IMAP server using Chilkat (PHP Extension), via the Client Credential Flow method, since it's supposed to be a server-to-server connection, without user interaction.

We're using the Microsoft Graph example as a base-code (https://www.example-code.com/phpExt/microsoft_graph_client_credentials.asp), but we're using the scope (https://ps.outlook.com/.default), link and API permissions as described in the Microsoft Documentation (https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#use-client-credentials-grant-flow-to-authenticate-imap-and-pop-connections).

I'm able to generate the Access Token, but when we try to connect to an authorized mailbox, we are greeted with the following error message:

ChilkatLog:
  Login:
    DllDate: Jan 31 2021
    ChilkatVersion: 9.5.0.85
    UnlockPrefix: OUR_UNLOCK_CODE_HERE
    Architecture: Little Endian; 64-bit
    Language: Linux PHP
    VerboseLogging: 0
    loginX:
      greeting: * OK The Microsoft Exchange IMAP4 service is ready. [SOME_CK_GENERATED_CODE_HERE]
     
      authenticateXOAuth2:
        xoauth2Imap:
          ConnectionType: SSL/TLS
        --xoauth2Imap
        isOK:
          serverResponse: aaab NO AUTHENTICATE failed.
        --isOK
      --authenticateXOAuth2
    --loginX
    Failed.
  --Login
--ChilkatLog

I have tried using the token generated via postman, I've tried every single API permission that I found out on the Microsoft Documentation, and I have tried many different chilkat implementations on my server... All to no avail.

All I need is some way to connect to my IMAP folders, since we are currently using basic Auth (and basic Auth for IMAP will die at the end of the year).

I'm not sure what the problem is, since we gave our test email IMAP parmissions and followed to the letter the microsoft documentation. I'm a little lost on what could be causing the error, the API permissions, the mailbox permissions or our Chilkat PHP implementation. Can you guys help me find out what is going on, please? Thanks!

1 Answers1

0

I feel your pain because I haven't been able to get client_credentials working with Office365 either.

It's a common use case, and you'd think Microsoft would make it easy.

My only suggestion (for now) is to get the very first OAuth2 access token using authorization flow (i.e. interactively with a browser), and then refresh non-interactively as needed from that point forward.

The blog post is a good starting point for using Chilkat with Office365 OAuth2:

https://cknotes.com/office365-modern-authentication-for-imap-pop3-and-smtp/

Chilkat Software
  • 1,405
  • 1
  • 9
  • 8