Blog Post

Exchange Team Blog
1 MIN READ

Announcing OAuth 2.0 Client Credentials Flow support for POP and IMAP protocols in Exchange Online

The_Exchange_Team's avatar
The_Exchange_Team
Platinum Contributor
Jun 30, 2022
Today, we’re excited to announce the availability of OAuth 2.0 authentication via client credentials grant flow for the POP and IMAP protocols for accessing Exchange Online mailboxes. Applications ...
Updated Jun 30, 2022
Version 2.0
announcements
development
exchange online
security
JerryJerry's avatar
JerryJerry
Copper Contributor
Sep 27, 2022

AtifMunir

Here is example for IMAP, but the authentication part is the same for POP/IMAP:

https://github.com/DanijelkMSFT/ThisandThat/blob/main/Get-IMAPAccessToken.ps1

scope should be: https://outlook.office365.com/.default

 

It's in PowerShell, it should be easy to rewrite it in C#.

 

Authentication part is handled in MSAL.PS but could be rewritten to not use it.

This is replacement for MSAL.PS:

 

$clientID = "<client id>"
$tenantID = "<tenant id>"
$clientsecret = "<client secret>"

$RequestBody = @{
client_id = $clientId;
client_secret = $clientSecret;
grant_type="client_credentials";
scope="https://outlook.office365.com/.default";
}
$OAuthResponse = Invoke-RestMethod -Method Post -Uri https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token -Body $RequestBody
$AccessToken = $OAuthResponse.access_token

# pre-requirement
# MSAL.PS - https://www.powershellgallery.com/packages/MSAL.PS/4.2.1.3
# code written in MSAL.PS
$SecuredclientSecret = ConvertTo-SecureString $clientsecret -AsPlainText -Force
$ClientApplication = New-MsalClientApplication -ClientId $clientID -TenantId $tenantID -ClientSecret $SecuredclientSecret

$MsalToken = $ClientApplication | Get-MsalToken -Scopes 'https://outlook.office365.com/.default'
$AccessToken = $MsalToken.accessToken