SMTP return 535: 5.7.3 Authentication unsuccessful Error When using OAuth2 Access Token via Device Code Flow

Enzo Tech 0 Reputation points
2023-04-19T02:10:42.93+00:00

Hello Everyone I am developing an OAuth2 application for limited input devices to be able to send email via SMTP using OAuth2 Access Token but I got this error 535: 5.7.3 Authentication unsuccessful for consumer accounts. These are the endpoints I used to exchange for device codes and poll for the Access Token. device code endpoint = https://login.microsoftonline.com/common/oauth2/v2.0/devicecode token endpoint = https://login.microsoftonline.com/common/oauth2/v2.0/token Scopes used are: offline_access and SMTP.Send Anybody from Microsoft would like to check this issue? Thanks in advance.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
3,974 questions
{count} votes

5 answers

Sort by: Most helpful
  1. Amit Singh 4,851 Reputation points
    2023-04-24T10:38:20.8766667+00:00

    It could be that the SMTP authentication of your Office 365 account hasn't been enabled. The third-party application uses SMTP submission to authenticate Office 365 accounts. To allow the SMTP auth, you can refer to the following instruction. Enable or disable authenticated client SMTP submission (SMTP AUTH) in Exchange Online. As a side note, running the PowerShell commands requires an Office 365 admin account to Connect to Exchange Online PowerShell.

    1 person found this answer helpful.

  2. Aholic Liang-MSFT 13,826 Reputation points Microsoft Vendor
    2023-04-20T05:36:52.9533333+00:00

    Hi @ Enzo Tech

    To better solve this issue, I would like to confirm what your email account type is?

    If your account is Exchange online, I recommend that you verify the following in your tenant:

    1.Whether authenticated SMTP is enabled for the affected user

    -Navigate to Active users - Microsoft 365 admin center

    -Select the user you want to test with.

    -Make sure Authenticated SMTP is selected.

    2.Verify that security defaults are disabled in your organization.

    3.Disable Multi Factor Authentication (MFA) on the licensed mailbox being used:

    -In the Microsoft 365 admin center, in the left navigation menu choose Users > Active users.

    -On the Active users page, choose Multi-factor authentication.

    -On the Multi-factor authentication page, select the user and set the Multi-factor auth status to Disabled.

        If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  3. Aholic Liang-MSFT 13,826 Reputation points Microsoft Vendor
    2023-04-25T09:44:11.2866667+00:00

    Hi @ Enzo Tech,

    Thanks for your reply!

    Exchange online is mainly focused on the technical questions about the configuration and administration of Exchange Online.

    About personal accounts outlook.com has their own forum, here you can post questions: Results in Outlook - Microsoft Community

      Thanks for your understanding and patience!


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  4. Enzo Tech 0 Reputation points
    2023-05-01T14:10:43.82+00:00

    This issue can still be reproduced. I created a program written in Rust-Lang to prove that the access token retrieve via Device Code Flow is not working for SMTP XOAUTH2.

    Source Code:

    https://github.com/LorenzoLeonardo/microsoft-smtp-xoauth2-test-tool

    Scopes: offline_access, SMTP.Send

    Endpoints:

    https://login.microsoftonline.com/common/oauth2/v2.0/devicecode

    https://login.microsoftonline.com/common/oauth2/v2.0/token

    0 comments No comments

  5. Enzo Tech 0 Reputation points
    2023-05-05T12:29:53.0433333+00:00

    It seems it is already working it seems there is a mystery fix in MS end.

    This is the test tool I created written in Rust Programming Language.

    0 comments No comments