Microsoft Auth

[p-samuel]

Hi @geoffsmith82! Have you tried connecting with Microsoft's credentials? I don't know if I'm missing something, but after credentials login page is closed (in microsoft's login page), a message error is displayed stating that was not able to authenticate if you try sending a message.

[geoffsmith82]

The exact error message would be helpful. Try going to your webbrowswer and goto http://accounts.microsoft.com and log out of the account. Then try login again

[p-samuel]

The error message is

R:535 5.7.3 Authentication unsuccessful [ROAP284CA0191.BRAP284.PROD.OUTLOOK.COM]

It happens in IdSASLCollection unit.

if ACanAttemptIR then begin
    if ASASL.TryStartAuthenticate(AHost, AProtocolName, S) then begin
      👉AClient.SendCmd(ACmd + ' ' + String(ASASL.ServiceName) + ' ' + AEncoder.Encode(S), []);//[334, 504]);
      if CheckStrFail(AClient.LastCmdResult.Code, AOkReplies, AContinueReplies) then begin
        ASASL.FinishAuthenticate;
        Exit; // this mechanism is not supported
      end;
      AuthStarted := True;
    end;
  end;

The Cmd command is returning error. Maybe microsoft has changed any protocol urls? Or is it a problem with my user? I wonder why might be happening.

The cmd string passed is like this:

AUTH XOAUTH2 user= <my_user> auth=Bearer <token>

[marcin-bury]

@p-samuel The command string is incorrect. See https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth

[p-samuel]

@marcin-bury, thanks for noticing! I'll try making the appropriate changes. It seems the only problem is not encoding the login credentials. The SMTP docs states that it should be as follows:

AUTH XOAUTH2 <base64 string in XOAUTH2 format>

[afnsldd]

@p-samuel, it is doing! No error from the library's part. The AEncoder.Encode(S) takes responsibility to encode the credential string. I think the issue might be on Microsoft's side indeed.

[marcin-bury]

The case is that there should be addtional characters Char(1) in the string. I am also struggling with Office365 IMAP account, but in my case it might be a problem with application perimissions. I have token, prepare xoauth2 token as MS wants, and while connecting to exchange via openssl, I cannot authenticate.

[geoffsmith82]

In the past few days Microsoft has tightened up security restrictions for access.
See https://aka.ms/smtp_auth_disabled

They appear to be forcing 2fa as well. For the moment this means that the account I was using to test my code becomes unavailable to me.

[AlexanderPD]

any news on this? i also cannot resolve the "Authentication unsuccessful" error

[sheikn]

Has anyone got Office365 credentials to work?. I'm getting the 5.7.3 Authentication Unsuccessful error as well. IdSASLCollection.PerformSASLLogin is not adding the extra ("^A^A") characters to the end of the AUTH XOAUTH2 command.