![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 27%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3END%3C/text%3E%3C/svg%3E)
Exchange Online
A cloud-based service included in Microsoft 365, delivering scalable messaging and collaboration features with simplified management and automatic updates.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 54%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
Thank you for reaching out to Microsoft Q&A
As far as I know, Ricoh multi-function printers (MFPs) using OAuth 2.0 for scan-to-email with Exchange Online often face 535 authentication errors or timeouts, even when SMTP AUTH is enabled and the device firmware supports OAuth 2.0. The primary cause is that the necessary delegated permissions (SMTP.Send and offline_access) for Ricoh's multi-tenant application haven’t been fully granted via admin consent.
Therefore, if you want to verify whether the OAuth2 flow and consent configuration are correctly applied for multi-function devices in Exchange Online, you can follow the recommend approach below.
Enable Admin Consent Workflow:
- Sign in to Microsoft Entra and go to Identity > Protection > Admin consent settings.
- Set “Users can request admin consent to apps they are unable to consent to” to Yes.
- Add a Global Admin as a reviewer and ensure notifications are enabled.
Confirm SMTP Auth Settings:
- Ensure Authenticated SMTP is enabled in the Microsoft 365 admin center for the mailbox.
- Check the device’s OAuth 2.0 configuration with smtp.office365.com, Port 587, and STARTTLS.
- Run the device code flow and approve consent through the provided URL.
Verify Consent in Entra:
- Go to Entra > Identity > Applications > Enterprise applications.
- Ensure the Ricoh app shows “Granted for <tenant>” for SMTP.Send and offline_access permissions.
- If not granted, repeat the consent process as needed.
Link references:
https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-admin-consent-workflow
https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-device-code
Note: Microsoft is providing this information as a convenience to you. These sites are not controlled by Microsoft, and Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please ensure that you fully understand the risks before using any suggestions from the above link.
Hope my answer will help you, for any further concern, kindly let me know in the comment section.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.