Replacing basic auth for IMAP with OAuth 2.0 in an unattended application

%3CLINGO-SUB%20id%3D%22lingo-sub-1537514%22%20slang%3D%22en-US%22%3EReplacing%20basic%20auth%20for%20IMAP%20with%20OAuth%202.0%20in%20an%20unattended%20application%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1537514%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20an%20automated%20process%20that%20reads%20incoming%20emails%20and%20extract%20attachments%20from%20an%20O365%20inbox%20which%20has%20IMAP%20basic%20auth%20enabled.%20The%20org%20wants%20to%20disable%20basic%20auth%20and%20have%20us%20use%20either%20OAuth%202.0%20or%20even%20better%20not%20use%20IMAP.%20Is%20there%20a%20recommended%20way%20to%20achieve%20this%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20we%20use%20OAuth%202.0%20authentication%20from%20a%20C%23%20service%20application%3F%20Or%20is%20user%20input%20required%20for%20OAuth%202.0%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAre%20we%20able%20to%20move%20away%20from%20IMAP%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1537514%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1546390%22%20slang%3D%22en-US%22%3ERe%3A%20Replacing%20basic%20auth%20for%20IMAP%20with%20OAuth%202.0%20in%20an%20unattended%20application%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1546390%22%20slang%3D%22en-US%22%3E%3CP%3EHey%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F160610%22%20target%3D%22_blank%22%3E%40Shivian%20D%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20by%20no%20means%20a%20developer%20but%20i%20have%20somewhat%20heard%20about%20the%20question%20you%20raised.%20Oauth%202.0%20does%20support%20authentication%20against%20office%20365%20services%20without%20user%20intervention.%20To%20start%20off%20you%20will%20have%20to%20register%20the%20application%20in%20azure%20and%20retrieve%20a%20'client%20id'%20and%20'client%20secret'%20which%20you%20can%20later%20use%20in%20the%20code%20for%20obtaining%20a%20token.%20The%20following%20articles%20should%20help%20you%20get%20started%20(EWS)%20%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.emailarchitect.net%2Feagetmail%2Fsdk%2Fhtml%2Fobject_oauth_ews_service.htm%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.emailarchitect.net%2Feagetmail%2Fsdk%2Fhtml%2Fobject_oauth_ews_service.htm%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fv2-oauth2-client-creds-grant-flow%23first-case-access-token-request-with-a-shared-secret%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fv2-oauth2-client-creds-grant-flow%23first-case-access-token-request-with-a-shared-secret%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1546421%22%20slang%3D%22en-US%22%3ERe%3A%20Replacing%20basic%20auth%20for%20IMAP%20with%20OAuth%202.0%20in%20an%20unattended%20application%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1546421%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F67895%22%20target%3D%22_blank%22%3E%40harveer%20singh%3C%2FA%3Eaha%20that%20does%20sound%20promising.%20Thanks%20-%20will%20investigate%20that.%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi,

 

We have an automated process that reads incoming emails and extract attachments from an O365 inbox which has IMAP basic auth enabled. The org wants to disable basic auth and have us use either OAuth 2.0 or even better not use IMAP. Is there a recommended way to achieve this?

 

Can we use OAuth 2.0 authentication from a C# service application? Or is user input required for OAuth 2.0?

 

Are we able to move away from IMAP?

 

Thanks

2 Replies

Hey @Shivian D,

 

I am by no means a developer but i have somewhat heard about the question you raised. Oauth 2.0 does support authentication against office 365 services without user intervention. To start off you will have to register the application in azure and retrieve a 'client id' and 'client secret' which you can later use in the code for obtaining a token. The following articles should help you get started (EWS) :

https://www.emailarchitect.net/eagetmail/sdk/html/object_oauth_ews_service.htm

https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#fi...

 

Thanks

 

@harveer singhaha that does sound promising. Thanks - will investigate that.