Announcing OAuth 2.0 support for IMAP and SMTP AUTH protocols in Exchange Online
Published Apr 30 2020 08:00 AM 162K Views

Ever since we announced our intention to disable Basic Authentication in Exchange Online we said that we would add Modern Auth (OAuth 2.0) support for the IMAP, POP and SMTP AUTH protocols.

Today, we’re excited to announce the availability of OAuth 2.0 authentication for IMAP and SMTP AUTH protocols to Exchange Online mailboxes. This feature announcement is for interactive applications to enable OAuth for IMAP and SMTP.

For additional information about non-interactive applications, please see our blog post Announcing OAuth 2.0 Client Credentials Flow support for POP and IMAP protocols in Exchange Online.

Application developers who have built apps that send, read or otherwise process email using these protocols will be able to implement secure, modern authentication experiences for their users. This functionality is built on top of Microsoft Identity platform (v2.0) and supports access to email of Microsoft 365 (formerly Office 365) users.

Detailed step-by-step instructions for authenticating to IMAP and SMTP AUTH protocols using OAuth are now available for you to get started.

What’s supported?

With this release, apps can use one of the following OAuth flows to authorize and get access tokens on behalf of a user.

  1. OAuth2 authorization code flow
  2. OAuth2 Device authorization grant flow

Follow these detailed step-by-step instructions to implement OAuth 2.0 authentication if your in-house application needs to access IMAP and SMTP AUTH protocols in Exchange Online, or work with your vendor to update any apps or clients that you use that could be impacted.

The Exchange Team

101 Comments
Co-Authors
Version history
Last update:
‎Jun 30 2022 11:43 AM
Updated by: