Archived Forum Post

Index of archived forum posts

Question:

Outlook IMAP login with OAuth 2.0 authentication

Sep 25 '13 at 01:22

The Outlook IMAP can use XOAUTH login as described here http://blogs.office.com/b/microsoft-outlook/archive/2013/09/12/outlook-com-now-with-imap.aspx

I want to login using OAuth 2.0 with CkoIMAP and SMTP in objective C, how can it be done?

Thanks .

Here is the explanation from the link above: Authorization

Authorization for Outlook.com IMAP and SMTP are done via OAuth 2.0 using scopes wl.imap and wl.offline_access. After obtaining the access token from Microsoft account, your app/server passes the access token to IMAP and SMTP on login.

When the access token expires, your app/server must request a new access token from Microsoft account using the refresh token. The access token must be used for its full lifetime before the refresh token is used to renew the access token Both IMAP and SMTP accept a base64-encoded string as below, where {user@domain.com} is the user's account, {access token} is the OAuth access token, and ^A are Ctrl-A characters (U+0001):

user={user@domain.com}^Aauth=Bearer {access token}^A^A

This is an XOAuth2 authentication negotiation example for IMAP.

C: 000 CAPABILITY
S: * CAPABILITY IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2
S: 000 OK CAPABILITY completed
C: 001 AUTHENTICATE XOAUTH2
S: +
C: {base64-encoded string}
S: * CAPABILITY IMAP4rev1
S: 001 OK OAuth authentication successful

This is an XOAuth2 authentication negotiation example for SMTP.

C: STARTLS
S: 220 READY
... SSL negotiation ...
C: EHLO blah.com
S: 250-BLU0-SMTP18.phx.gbl Hello [64.4.1.10]
S: 250-AUTH LOGIN PLAIN XOAUTH2
S: 250 OK
C: AUTH XOAUTH2
S: 334
C: {base64-encoded string}
S: 235 2.7.0 Authentication succeeded