This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 56.00000000000001%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EET%3C/text%3E%3C/svg%3E)
Hello Everyone I am developing an OAuth2 application for limited input devices to be able to send email via SMTP using OAuth2 Access Token but I got this error 535: 5.7.3 Authentication unsuccessful for consumer accounts. These are the endpoints I used to exchange for device codes and poll for the Access Token. device code endpoint = https://login.microsoftonline.com/common/oauth2/v2.0/devicecode token endpoint = https://login.microsoftonline.com/common/oauth2/v2.0/token Scopes used are: offline_access and SMTP.Send Anybody from Microsoft would like to check this issue? Thanks in advance.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 80%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAL%3C/text%3E%3C/svg%3E)
Hi @ Enzo Tech,
Just checking in to see how things are going on with this thread.
If the reply was helpful, you can click the "Accept Answer" button under this post so that other's with similar question can benefit from this thread as well.
If you still have further questions or concerns, feel free to post back.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 98%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
It could be that the SMTP authentication of your Office 365 account hasn't been enabled. The third-party application uses SMTP submission to authenticate Office 365 accounts. To allow the SMTP auth, you can refer to the following instruction. Enable or disable authenticated client SMTP submission (SMTP AUTH) in Exchange Online. As a side note, running the PowerShell commands requires an Office 365 admin account to Connect to Exchange Online PowerShell.
This is for common user email for outlook. Not for email with tenants.
Hi @ Enzo Tech,
To better solve this issue, I would like to confirm what your email account type is?
If your account is Exchange online, I recommend that you verify the following in your tenant:
1.Whether authenticated SMTP is enabled for the affected user
-Navigate to Active users - Microsoft 365 admin center
-Select the user you want to test with.
-Make sure Authenticated SMTP is selected.
2.Verify that security defaults are disabled in your organization.
3.Disable Multi Factor Authentication (MFA) on the licensed mailbox being used:
-In the Microsoft 365 admin center, in the left navigation menu choose Users > Active users.
-On the Active users page, choose Multi-factor authentication.
-On the Multi-factor authentication page, select the user and set the Multi-factor auth status to Disabled.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hello @Aholic Liang-MSFT
This is for common user email for outlook. Not for email with tenants.
Hi @ Enzo Tech,
Thanks for your reply!
Exchange online is mainly focused on the technical questions about the configuration and administration of Exchange Online.
About personal accounts outlook.com has their own forum, here you can post questions: Results in Outlook - Microsoft Community
Thanks for your understanding and patience!
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
This issue can still be reproduced. I created a program written in Rust-Lang to prove that the access token retrieve via Device Code Flow is not working for SMTP XOAUTH2.
Source Code:
https://github.com/LorenzoLeonardo/microsoft-smtp-xoauth2-test-tool
Scopes: offline_access, SMTP.Send
Endpoints:
https://login.microsoftonline.com/common/oauth2/v2.0/devicecode
It seems it is already working it seems there is a mystery fix in MS end.
This is the test tool I created written in Rust Programming Language.
