IMAP not working:NO AUTHENTICATE failed

Question

Hi,

I am trying to Login to office 365 mailbox via IMAP. I am able to get token and when I decode it , it gives me following roles :

"roles": [
    "User.Read.All",
    "full_access_as_app",
    "Mail.ReadWrite",
    "User.ReadBasic.All",
    "Mail.Read",
    "IMAP.AccessAsApp"
  ],

Following is the code that I used for Connecting MailBox :

async function connect_imap(token){
  
const mailId = 'help@.....com';  
// const token =  
//   'eyJ0eXAiOiJKV1QiLCJub25jZSI6ImRvd3R0S2draG1fVGN1T1g3S1p................';  
//const auth2 = btoa('user=' + mailId + '^Aauth=Bearer ' + token + '^A^A');  
let auth2 =  Buffer.from([`user=${mailId}`, `auth=Bearer ${token}`, '', ''].join('\x01'), 'utf-8').toString('base64');
//const auth2 = buffer.from(("user="+mailId+"\x01auth=Bearer "+token+"\x01\x01")).toString('base64');    
  
var imap = new Imap({  
  xoauth2: auth2,  
  host: 'outlook.office365.com',  
  port: 993,  
  tls: true,  
  //secure:true,
  debug: console.log,  
  authTimeout: 25000,  
  connTimeout: 300000,  
  tlsOptions: {  
    rejectUnauthorized: false,  
    servername: 'outlook.office365.com'  
  }  
});  
  
function openInbox(cb) {  
  imap.openBox('INBOX', true, cb);  
}  
  
imap.once('ready', function () {  
  openInbox(function (err, box) {  
    if (err) throw err;  
    var f = imap.seq.fetch('1:3', {  
      bodies: 'HEADER.FIELDS (FROM TO SUBJECT DATE)',  
      struct: true  
    });  
    f.on('message', function (msg, seqno) {  
      console.log('Message #%d', seqno);  
      var prefix = '(#' + seqno + ') ';  
      msg.on('body', function (stream, info) {  
        var buffer = '';  
        stream.on('data', function (chunk) {  
          buffer += chunk.toString('utf8');  
        });  
        stream.once('end', function () {  
          console.log(  
            prefix + 'Parsed header: %s',  
            inspect(Imap.parseHeader(buffer))  
          );  
        });  
      });  
      msg.once('attributes', function (attrs) {  
        console.log(prefix + 'Attributes: %s', inspect(attrs, false, 8));  
      });  
      msg.once('end', function () {  
        console.log(prefix + 'Finished');  
      });  
    });  
    f.once('error', function (err) {  
      console.log('Fetch error: ' + err);  
    });  
    f.once('end', function () {  
      console.log('Done fetching all messages!');  
      imap.end();  
    });  
  });  
});  
  
imap.once('error', function (err) {  
  console.log(err);  
});  
  
imap.once('end', function () {  
  console.log('Connection ended');  
});  
  
imap.connect();
}

Following are my App permissions :

Help me please!

Answer 1

Thank you for asking this question on the Microsoft Q&A Platform.

You must use “Grant admin consent” option for all permissions that have been configured on the “API permissions” on the respective application.

then you must register a service principal in Exchange Online PowerShell, using this cmdlet: New-ServicePrincipal -AppId <APPLICATION_ID> -ServiceId <OBJECT_ID> -Organization <ORGANIZATION_ID>. The AppID <APPLICATION_ID> and Organization <ORGANIZATION_ID> are taken from the "App registrations/App name/Overview/Application ID" and "App registrations/App name/Overview/Directory (Tenant) ID" while the ServiceId <OBJECT_ID> is taken from "Enterprise applications/App name/Oveview/Object ID"

More info: https://answers.microsoft.com/en-us/msoffice/forum/all/configuration-for-imap-pop-and-smtp-with-oauth-in/3db47d43-25ac-4e0b-b957-22585e6caf15

Hope this helps!

---

Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.