Utilizing OAuth2 for Office365, through Exchange ActiveSync (EAS)

The blog post: Announcing Exchange ActiveSync v16.1 states that:

While not a part of EAS 16.1, we also want to note that both Office 365 and Outlook.com customers can now utilize the OAuth 2.0 protocol for authorization through EAS.

My question is: which scope should I use in the oauth request?

Is there an example, perhaps of the full request?

Note: there was a similar question about using OAuth for Office365 with IMAP, but here I'm specifically asking about ActiveSync. I referenced this question in a comment to one of the answers on that thread.

Secondary problem:

Thanks to Jason's answer and some additional tweaks, we managed to generate an OAuth token using https://login.windows.net/common/oauth2, but only for Office 365 users (organization accounts) and not for Microsoft user accounts (live, hotmail, outlook.com...).

The token allows access to both the ActiveSync protocol (via https://eas.outlook.com/Microsoft-Server-ActiveSync) and the EWS API (via https://outlook.office365.com/EWS/Exchange.asmx).

Unfortunately, we cannot find a way to generate the same token for Microsoft online accounts (hotmail, live, outlook.com). We tried using this endpoint: https://login.live.com/oauth20_authorize.srf, which allows only ActiveSync and not EWS.

Is there a way to use the same token for both organization and online accounts on both protocols (ActiveSync and EWS)?

Phillada answered 28/12, 2016 at 16:35 Comment(2)
I have the same question! Did you figure it out? - Pelias
No. I'm still hoping to find an answer... - Phillada
Sorry this took so long, but I wasn't aware of this question until today :). You need to register your app as a native application in Azure Active Directory:

Then add the Access mailboxes as the signed-in user via Exchange Web Services (under Office 365 Exchange Online) delegated permission.

NOTE: You cannot register this in the Application Registration Portal (https://apps.dev.microsoft.com), it needs to be registered in the Azure Portal (https://portal.azure.com/), and you need to use the v1 Azure auth endpoints for authorization and token requests.

Momus answered 29/6, 2017 at 20:59 Comment(7)
Thank you for your answer. However, there's a second problem: we need to use the same token for both office365 users and online users (hotmail, live, etc). I added the full description to the question. - Phillada
The Azure v1 endpoints do not support Microsoft accounts (Hotmail, Outlook.com, etc.). They only support Office 365. - Momus
Is there a way of having both account types (and both EWS and ActiveSync) work with a single oauth token? We tried with LiveConnect, but it only worked for MS accounts. - Phillada
No, there's no way. The EWS scope isn't exposed on Azure's v2 endpoints, which is the only endpoint that supports converged auth (meaning that both work and personal accounts can authenticate). - Momus
OK. What would be the oauth scope and endpoint for personal account (hotmail) that works with EWS? - Phillada
I don't believe there is one, but I'm double-checking that. - Momus
I am running into the same issue and I see that Jason Johnston was double checking but did not post back to this thread. Is there a way to use OAUTH2 for an Outlook.com account so that it can work with EWS? - Hourly
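
The request sequence described in the answer above (native app, v1 endpoints, EWS delegated permission), sketched as an added example that is not part of the original thread or Microsoft's own code. Assumptions: the `/authorize` and `/token` paths under the v1 base URL from the question, the `resource` value, the placeholder client id and redirect URI, and sending the token to EAS as a `Bearer` header.

```python
import hmac
from urllib.parse import urlencode, urlsplit, parse_qs

# v1 base URL quoted in the question; the /authorize and /token paths are assumed.
AUTHORITY = "https://login.windows.net/common/oauth2"
# Assumption: Exchange Online resource URI (host of the EWS URL in the question).
RESOURCE = "https://outlook.office365.com/"
EAS_URL = "https://eas.outlook.com/Microsoft-Server-ActiveSync"
CLIENT_ID = "00000000-0000-0000-0000-000000000000"  # placeholder application id
REDIRECT_URI = "http://localhost/callback"          # placeholder native redirect


def build_authorize_url(state):
    """v1 authorization request: the API is named by `resource`, not `scope`."""
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": REDIRECT_URI, "resource": RESOURCE,
              "state": state}
    return AUTHORITY + "/authorize?" + urlencode(params)


def extract_code(redirect_url, expected_state):
    """Return the auth code only if `state` matches the value we sent."""
    query = parse_qs(urlsplit(redirect_url).query)
    if "error" in query:
        raise ValueError("authorization failed: " + query["error"][0])
    returned = query.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch, response discarded")
    if "code" not in query:
        raise ValueError("no authorization code in response")
    return query["code"][0]


def build_token_request(code):
    """URL and form body for the token POST; a native client sends no secret."""
    body = {"grant_type": "authorization_code", "code": code,
            "client_id": CLIENT_ID, "redirect_uri": REDIRECT_URI,
            "resource": RESOURCE}
    return AUTHORITY + "/token", body


def eas_request(access_token):
    """Method, URL and headers for an EAS OPTIONS probe with the bearer token."""
    return "OPTIONS", EAS_URL, {"Authorization": "Bearer " + access_token}
```

Generate `state` fresh for each sign-in attempt, for instance with `secrets.token_urlsafe(32)`, and discard it once the redirect has been processed.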