IMAP XOAUTH2 Login Failure (several clients affected)

Question

I am a mail client developer and since 2021-09-24 I face the problem that I can get OAuth tokens just fine as before, but the XAUTH2 login fails. This worked before in my app and now it fails in several independent apps like eM Client, Aqua Mail, Fair Email, etc.

Interestingly enough, the Android Gmail app still succeeds adding an outlook account.

The corresponding server client communication is like this:

A: connecting to server outlook.office365.com:993 - secure: true

S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADMAUABSADAANwBDAEEAMAAxADMANQAuAGUAdQByAHAAcgBkADAANwAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]C: a0 AUTHENTICATE XOAUTH2 (base64 code scrambled) S: a0 NO AUTHENTICATE failed.

As several apps are affected and I can still login fine into Gmail using the same code, it seems unlikely that this is a client problem. It seems that the IMAP server outlook.office365.com does not accept XAUTH2 anymore, requires additional/different scopes or tokens that have been genererated differently. I re-checked with the documentation, but this is still the same https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth

In my case I got approved for the following scopes: https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/SMTP.Send offline\_access

I can still sign into smtp.office365.com:587 using the same access token to send mail.

Thanks for any help!

Robert

Answer 1

Thank you, from 2021-09-30 the XOAUTH2-based IMAP logins work again and the issue seems to be resolved.

Hi RobertEnough,  

We hope you are feeling well.

We are glad to know that everything is working now. In that case, we will be closing this thread now.

Please do not hesitate to ask the community anytime just in case you have any questions in the future.

We value your feedback, click Yes or No to help us improve the support experience.   

Voting responses will also be beneficial to more Community members reading here.

Sincerely,        Juhn Jac,Consumer M365 Forum Moderator

Answer 2

Hello RobertEnough,    

  Thank you for bringing this to our attention and we appreciate your time posting your Office concern here in Microsoft Community Forum.

  We understand that this situation is difficult and it might be affecting your business let’s work on this together as team to get to the bottom of this.

We're completely aware of the issue going on with the Microsoft accounts that won't connect using a third party mail app. Please be advised that we already consulted this to our internal teams and we'll get back you as soon as we get an updates from them.

Thank you so much for your understanding!

Sincerely,        Juhn Jac,Consumer M365 Forum Moderator

Answer 3

Hi RobertEnough,  

Thank you for getting back to us.

We completely understand that switching to a different protocol could not be a best option for you however this is just a workaround if you really want to synchronize your emails again using a third party app.

We're still on the process of investigating and diagnosing the issue fully. We'll get back to you once we get an updates from our internal teams.

Thank you so much for your understanding!

Sincerely,        Juhn Jac,Consumer M365 Forum Moderator

Answer 4

Hi RobertEnough,  

Updates from Microsoft**:**

If you've added your account in eM client as IMAP please add it as Exchange temporarily.

---

>> Email Client for Outlook.com | eM Client

There's an specific support blog where they speak of the same issue and provide some workarounds can be found below. In the second link below there is a response from an eM Client agent breaking down a current fix/workaround for this issue. If you scroll down to post/line number 150 the post has a yellow background with images that detail how to proceed.

>> Hotmail not working - Mail - eM Client

>> Not receiving Outlook emails - Mail - eM Client

We look forward to your response.    Sincerely,Juhn Jac,Consumer M365 Forum Moderator

Answer 5

Thanks for keeping us up to date. For most email app develpers switching to a different protocol is not an option, so we really need Microsoft to fix its IMAP XAUTH2 authentication problem that now persists for more than 4 days.