php-imap icon indicating copy to clipboard operation
php-imap copied to clipboard

Published 20 hours ago verified publisher icon Webklex

Oauth2 with Microsoft Personal Account

Open iwkse opened this issue 1 year ago • 2 comments

Hi, that's a general question related to Microsoft OAUTH2. I would like to know if this works also for personal account or it's required a organization account. That's related to this issue https://github.com/Webklex/php-imap/issues/519 because we can't login after receiving the access token. Any hint is welcome

iwkse avatar Oct 28 '24 16:10 iwkse

Yes this library works with personal accounts. I use this library to access them.

If you can't login after retrieving the access token, you haven't requested the correct scopes during the OAuth flow.

You need to request the below scopes:

'offline_access',
'https://outlook.office.com/IMAP.AccessAsUser.All',

stevebauman avatar Nov 13 '24 04:11 stevebauman

We're using postman to check if it works, so the first GET call:

https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?
&client_id=xxxxxxxx-yyyy-zzzz-ssss-dc01692174d8
&response_type=code
&redirect_uri=https://www.xxx.com/xxx/test-imap.php
&response_mode=query
&scope=openid 
IMAP.AccessAsUser.All 
profile SMTP.Send Mail.Send MailboxFolder.Read MailboxFolder.ReadWrite MailboxItem.Read MailboxSettings.Read MailboxSettings.ReadWrite offline_access email User.Read User.ReadWrite wl.offline_access wl.imap wl.emails
&grant_type=authorization_code
&state=12345

We receive from this M.C522_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx used with the POST call:

POST: https://login.microsoftonline.com/consumers/oauth2/v2.0/token
BODY:
  client_id:xxxxxxxx-yyyy-zzzz-ssss-dc01692174d9
  client_secret:MYSECRET
  grant_type:client_credentials
  scope: https://outlook.office.com/.default
  code:M.C522_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

It doesn't work though.

iwkse avatar Nov 15 '24 14:11 iwkse