Hi. Does anyone know what scopes should be set to allow the sending of email using SMTP. We are using javamail with Oauth2 and we have successfully got it working to read email using imap now we want to send email using smtp.
https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth
DEBUG SMTP: SASL client XOAUTH2
DEBUG SMTP: SASL callback length: 2
DEBUG SMTP: SASL callback 0: javax.security.auth.callback.NameCallback@5d1be090
DEBUG SMTP: SASL callback 1: javax.security.auth.callback.PasswordCallback@1418191d
AUTH XOAUTH2
535 5.7.3 Authentication unsuccessful [LO6P265CA0005.GBRP265.PROD.OUTLOOK.COM]
DEBUG SMTP: SASL authentication failed
The token, if I obtain it using the https://graph.microsoft.com/.default scope, comes back with the role "Mail.Send". If I use the scope https://outlook.office.com/.default I get the roles full_access_as_app, Mail.Send, and IMAP.AccessAsApp. There appear to be no scopes that give me the SMTP.Send or offline_access "roles" (or permissions or whatever), even though we've assigned them to the application.
While getting the imap to work we had to run the following command after creating a new New-ServicePrincipal Add-MailboxPermission -Identity -Acc
essRights FullAccess. Is their something similar to do for sending email.