Oauth 2 Authorization Grant Stopped Working
I have an application our clients use to forward messages from our software to their customers via email and to import replies to associate with their customer accounts.
Suddenly this week the workflow that had been working before broke.
We open a browser where the client logs in to their Microsoft email account, verify the permissions being granted, and close the browser.
Our application receives a one time use token to retrieve the actual oauth tokens.
That portion is still working correctly.
When we try to use that one time use token however, we put together the required information, and http encode it, for example:
{client_id=[client id]&redirect_uri=http%3a%2f%2flocalhost%3a[port number we are listening at]%2f&grant_type=authorization_code&client_secret=[client secret]&scope =offline_access openid https%3a%2f%2foutlook.office.com%2fIMAP.AccessAsUser.All https%3a%2f%2foutlook.office.com%2fPOP.AccessAsUser.All https%3a%2f%2foutlook.office.com%2fSMTP.Send}
We post this to:
https://login.microsoftonline.com/common/oauth2/v2.0/token
And where we used to get the tokens, now we are immediately getting a 401 authorization error.
HResult -2146233079
Message The remote server returned an error: (401) Unauthorized.
Status Protocol Error
Our software is only used on Windows Server OS. We are using the common oauth endpoint because the clients are using their own Microsoft email accounts so their email addresses are not in our own corporate architecture.
With Microsoft ending non-oauth access to email, this is making it impossible for our clients to work with email.