Replacing basic auth for IMAP with OAuth 2.0 in an unattended application

%3CLINGO-SUB%20id%3D%22lingo-sub-1537514%22%20slang%3D%22en-US%22%3EReplacing%20basic%20auth%20for%20IMAP%20with%20OAuth%202.0%20in%20an%20unattended%20application%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1537514%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20an%20automated%20process%20that%20reads%20incoming%20emails%20and%20extract%20attachments%20from%20an%20O365%20inbox%20which%20has%20IMAP%20basic%20auth%20enabled.%20The%20org%20wants%20to%20disable%20basic%20auth%20and%20have%20us%20use%20either%20OAuth%202.0%20or%20even%20better%20not%20use%20IMAP.%20Is%20there%20a%20recommended%20way%20to%20achieve%20this%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20we%20use%20OAuth%202.0%20authentication%20from%20a%20C%23%20service%20application%3F%20Or%20is%20user%20input%20required%20for%20OAuth%202.0%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAre%20we%20able%20to%20move%20away%20from%20IMAP%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1537514%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1546390%22%20slang%3D%22en-US%22%3ERe%3A%20Replacing%20basic%20auth%20for%20IMAP%20with%20OAuth%202.0%20in%20an%20unattended%20application%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1546390%22%20slang%3D%22en-US%22%3E%3CP%3EHey%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F160610%22%20target%3D%22_blank%22%3E%40Shivian%20D%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20by%20no%20means%20a%20developer%20but%20i%20have%20somewhat%20heard%20about%20the%20question%20you%20raised.%20Oauth%202.0%20does%20support%20authentication%20against%20office%20365%20services%20without%20user%20intervention.%20To%20start%20off%20you%20will%20have%20to%20register%20the%20application%20in%20azure%20and%20retrieve%20a%20'client%20id'%20and%20'client%20secret'%20which%20you%20can%20later%20use%20in%20the%20code%20for%20obtaining%20a%20token.%20The%20following%20articles%20should%20help%20you%20get%20started%20(EWS)%20%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.emailarchitect.net%2Feagetmail%2Fsdk%2Fhtml%2Fobject_oauth_ews_service.htm%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.emailarchitect.net%2Feagetmail%2Fsdk%2Fhtml%2Fobject_oauth_ews_service.htm%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fv2-oauth2-client-creds-grant-flow%23first-case-access-token-request-with-a-shared-secret%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fv2-oauth2-client-creds-grant-flow%23first-case-access-token-request-with-a-shared-secret%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1546421%22%20slang%3D%22en-US%22%3ERe%3A%20Replacing%20basic%20auth%20for%20IMAP%20with%20OAuth%202.0%20in%20an%20unattended%20application%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1546421%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F67895%22%20target%3D%22_blank%22%3E%40harveer%20singh%3C%2FA%3Eaha%20that%20does%20sound%20promising.%20Thanks%20-%20will%20investigate%20that.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
New Contributor

Hi,

 

We have an automated process that reads incoming emails and extract attachments from an O365 inbox which has IMAP basic auth enabled. The org wants to disable basic auth and have us use either OAuth 2.0 or even better not use IMAP. Is there a recommended way to achieve this?

 

Can we use OAuth 2.0 authentication from a C# service application? Or is user input required for OAuth 2.0?

 

Are we able to move away from IMAP?

 

Thanks

2 Replies
Highlighted

Hey @Shivian D,

 

I am by no means a developer but i have somewhat heard about the question you raised. Oauth 2.0 does support authentication against office 365 services without user intervention. To start off you will have to register the application in azure and retrieve a 'client id' and 'client secret' which you can later use in the code for obtaining a token. The following articles should help you get started (EWS) :

https://www.emailarchitect.net/eagetmail/sdk/html/object_oauth_ews_service.htm

https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#fi...

 

Thanks

 

Highlighted

@harveer singhaha that does sound promising. Thanks - will investigate that.