This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 98%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPD%3C/text%3E%3C/svg%3E)
Hello together,
we want to write an application where we proccess incoming mails from a mailbox in the background, for that we want to read the inbox of a user with a Java application via IMAP and OAuth (as Basic Auth is disabled).
I have found so many articles dealing with this topic and issue, but unfortunately every attempt we have made has not worked. Therefore, I try it now here!
What do we currently have?
What do we currently have?
App:
Our Service Provider registered an app (got a ClientId, Secret and TenantId) with permissions. For example, we have already customized this according to https://video2.skills-academy.com/en-us/answers/questions/1230605/a1-no-authenticate-failed-using-javamail-and-oauth as well (sorry for the german screenshot).
Access Token:
The AccessToken that we are getting looks ok to me, at least it knows what right my app has.
// Set up MSAL authentication context
Debugged with https://jwt.ms/
Java Mail:
We are using jakarta.mail 2.1.2, implementation from org.eclipse.angus (but the good old javax.mail is the same).
This is for sure a bit more complicated since there are so many variants of the properties. For example, we have also defined imaps as store (as you see below), or tried sasl also "mail.imaps.sasl.mechanisms". But in my opinion the example in the linked article would be sufficient. It makes no different if we are using "imap" store or using the getInstance with Authenticator to provide user and token. So, currently we have.
Properties props = new Properties();
props.put("mail.store.protocol", "imaps");
props.put("mail.imaps.host", "outlook.office365.com");
props.put("mail.imaps.port", "993");
props.put("mail.imaps.ssl.enable", "true");
props.put("mail.imaps.auth", "true");
props.put("mail.imaps.auth.mechanisms", "XOAUTH2");
props.put("mail.imaps.user", USER);
props.put("mail.debug", "true");
props.put("mail.debug.auth", "true");
Session session = Session.getInstance(props);
Store store = session.getStore();
store.connect(USER, accessToken);
Debug results in console:
DEBUG IMAPS: trying to connect to host "outlook.office365.com", port 993, isSSL true
* OK The Microsoft Exchange IMAP4 service is ready. [******]
A0 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
A0 OK CAPABILITY completed.
DEBUG IMAPS: AUTH: PLAIN
DEBUG IMAPS: AUTH: XOAUTH2
DEBUG IMAPS: protocolConnect login, host=outlook.office365.com, user=meeting-reply-test@themis-wissen.de, password=<non-null>
A1 AUTHENTICATE XOAUTH2 ******
A1 NO AUTHENTICATE failed.
So we're at a bit of a loss here and pretty clueless. Is there anyone here who can help us?
I look forward to hearing from you.
Patric
ps. If you have any questions, I can provide more info. A call, or whatever is needed.
ps. If I have written something totally stupid, forgiven, I am at least regarding the Microsoft technologies a little beginner.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Patric Dosch ,
Thanks for reaching out.
Did you register your AAD application's service principal in Exchange correctly with correct object id?
Thanks,
Shwet
hey @Shweta Mathur
(some words, that the editor is not always doing something)
My Service Provider said yes to your question.
He send me a screenshot from the Get-ServicePrincipal call.
He said he already followed the steps in the linked question https://video2.skills-academy.com/en-us/answers/questions/1230605/a1-no-authenticate-failed-using-javamail-and-oauth (as I see the answer is also from you).
Patric
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 80%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAL%3C/text%3E%3C/svg%3E)
Hi,
Welcome to the Microsoft Q&A platform!
According to your description, this issue is more related to development, so I changed the tag to exchange server development.
Thank you for your understanding, and I hope your problem can be solved soon!
Just curious if you change the protocol from "imaps" to "imap" whether it would work or not?
hey Dillon, sorry for my late replay.
I tested different combinations. And now I tested again with only "imap" store.
Your linked blog is one of my samples regaring the mail-config. I got my token different, but got this somewhere out of this big documentation.
// Set up MSAL authentication context
The error is always the same.