Facing: AUTHENTICATE failed. Unable to authenticate through client credentials access token.

Question

I am trying to follow this document https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth. I was able to generate access_token through postman successfully.
But when I am using that access_token with javax.mail, I am facing AUTHENTICATE failed.
Below is the code and screenshot

    private void fetchMicrosoftMail() throws MessagingException {  
        Properties props = new Properties();  
        props.put("mail.imap.ssl.enable", "true");  
        props.setProperty("mail.imap.starttls.enable", "true");  
        props.put("mail.imap.auth.mechanisms", "XOAUTH2");  
        props.setProperty("mail.debug", "true");  
        Session session = Session.getInstance(props);  
        Store store = session.getStore("imap");  
        store.connect("outlook.office365.com", 993, "abc@example.com",  
            "{{access_token}}");  
        Folder[] folders = store.getDefaultFolder().list("*");  
        for (Folder folder : folders) {  
          System.out.println(folder.getName());  
        }  
      }  

What I am doing wrong?

Answer 1

Hello @Vinay Sharma , in order to succesfuly Authenticate an IMAP connection using OAuth client credentials with Azure AD you need to obtain an access token targeting the https://outlook.office.com/.default scope and encode the access token using the SASL XOAUTH2 format. E.g. base64("user=" + userName + "^Aauth=Bearer " + accessToken + "^A^A")

In your code replace

   store.connect("outlook.office365.com", 993, "abc@example.com",  
                "{  
       
                    {access_token}}");  

With:

   store.connect("outlook.office365.com", 993, "abc@example.com", "SASL XOAUTH2 encoded access token");  

Let us know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.