IMAP4

  • 31 Jul

    Connecting to Office 365 email using IMAP and OAuth2 authentication

    Q: Connecting to Office 365 email using IMAP and OAuth2 authentication.

    Wir versuchen gerade mit Limagito eine Verbindung zu einem MS Office 365 Email Postfach herzustellen und scheitern an der OAuth2 Authntifizierung. Wir wissen nicht genau was alles in die Felder muss.

    A: Best to use a more recent version since we did quite some code changes for IMAP4 as Source and OAuth2 authentication in version v2021.8.5.0 to make it easier to connect to MS Office 365.

    Important: Setup your App Registration in Azure beforehand. Here are the steps:

    1) In the Azure portal, go to Azure Active Directory. In “App registrations” create a “+ New registration”.

    Azure App registrations
    2) Register the app with Redirect URI = “http://localhost:3017”.

    Azure Register an application
    3) Goto “API permissions” to add permissions. For this OAuth2 authorization flow, we’ll add “Delegated permissions”.
    4) Add IMAP.AccessAsUser.All and offline_access permissions.

    Azure App Permissions

    5) Go to “Certificates & secrets” and add a new client secret.

    Azure Certificates & secrets

    6) In “App registrations”, go to “Endpoints” (located to the right of the “+ New registration” link. Note your endpoints for “OAuth 2.0 authorization endpoint (v2)” and “OAuth 2.0 token endpoint (v2)

    Azure Endpoints

    Azure endpoints

    7) Also, just in case, go to your Microsoft 365 admin center (this is not Azure). Go to your Active users. Click on a user to find the “Manage email apps” link. See Microsoft 365 Manage Email Apps

    Microsoft 365 admin center manage email apps

    Microsoft 365 admin center manage email apps

    8) Click on “Manage email apps”. Then make sure the “IMAP” checkbox is checked.

    Next, configuration of our File Mover:

    • Add IMAP4 as Source

    Limagito File Mover IMAP4 as Source

    • IMAP4 Setup. Be sure to select our second API Vendor: ‘Vendor 2 – CK’.

    Limagito File Mover IMAP4 Setup

    • IMAP4 Security Setup (please use version v2021.8.5.0 or higher).

    Limagito File Mover IMAP4 Security Setup

    • IMAP4 Common Setup

    Limagito File Mover IMAP4 Common Setup

    • IMAP4 OAuth2 Setup

    Limagito File Mover IMAP4 OAuth2 setup

    1) Fill in the correct Authorization and Token Url

    2)Enter Application Client ID and Client Secret Value

    Azure App Client ID

     

    Azure Secret Value

    3) Adjust your scope to: openid profile offline_access https://outlook.office365.com/IMAP.AccessAsUser.All

      • Provide a SPACE separated list of scopes.
      •  Important: The offline_access scope is needed to get a refresh token.

    4) Set Redirect URI to: http://localhost:3017/

    5) Set Redirect Port to 3017

      • This should be the port in the localhost callback URL for your app.
      • The callback URL would look like “http://localhost:3017/”, if the port number is 3017.
      • The redirect must go to http://localhost:/. It must be localhost, and it cannot be “https”.

    Next, click on the <GET> button.

    Should ‘Windows Defender’ popup, please <Allow access>.

    Limagito File Mover IMAP4 Oauth2

    Your browser will open and ask you for ‘Confirmation’.

    Limagito File Mover IMAP4 OAuth2

    Follow the routine in your browser and accept the authorization request.

    Limagito File Mover IMAP4 OAuth2 Access is granted

    Now you can close the browser. The ‘Refresh’ and ‘Access’ Token in the IMAP4 OAuth2 Setup should contain values. Click <Save>.

    Limagito File Mover IMAP4 OAuth2 Setup

    The IMAP as Source configuration is finished. Just add a Destination and you are ready to go.

    If you need any help with this ‘Office 365 email using IMAP’ request, please let us know.

    Some extra information: ‘Explaining OAuth2 Authentication’.

    The OAuth2 Get Token button does a couple of things:

    1. It starts the OAuth2 Authentication process.
    2. Returns a URL that should be displayed in a browser.
    3. Starts a background thread to receive the redirect callback from the browser.

    The flow of control is like this:

    1. The browser (popped up and displayed by our file mover) automatically navigates to the URL provided by Start Authentication.
    2. The user interactively authorizes the access. In doing so, the response sent back to the browser is a redirect to http://localhost:<someport>/
    3. The browser receives the response, and redirects to the http://localhost:<someport>/
    4. The background thread (= temporary HTTP server using <someport>) is the thing that is listening at and receives the response, and then your OAuth2 is completed.

    The redirect must go to http://localhost:<someport>/. It must be localhost, and it cannot be “https”. If you defined your application’s redirect URL to a web address such as “https://yourdomain.com/something…”, then the background thread is just sitting there waiting for the callback, which never happens (because it went to your web server).

    Note 1: For Microsoft API’s such as for OneDrive, make sure that your App on Microsoft Developer Dashboard, inside Authentication, Redirect URIs, set the app type to Web (not public client). Your desktop app is acting as a web server when receiving the single redirect request.

    Note 2: We used the Scope needed for IMAP. Other examples are:

    • openid profile offline_access https://outlook.office365.com/SMTP.Send
    • openid profile offline_access https://outlook.office365.com/POP.AccessAsUser.All

     

    #FileTransfer

    Best Regards,

    Limagito Team

    By Limagito-Team 365 IMAP4 OAuth2 , , ,
  • 28 Jul

    IMAP4 Custom Search Query option in Limagito File Mover

    In version v2021.7.28.0 we added a IMAP4 Custom Search Query option for the Second API Vendor (Vendor 2 – CK). This will give you quite some power to customize your search queries.

    Limagito File Mover IMAP4 Custom Search Query

    Select ‘Custom Search Query’ and add a ‘Search Filter’ for Email Matching Criteria.

    Return all messages.
    Search Filter: ALL

    Search for already-answered emails.
    Search Filter: ANSWERED

    Search for messages on a specific date. The date string is DD-Month-YYYY where Month is Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, or Dec.
    Search Filter: SENTON 05-Mar-2007

    Search for messages between two dates. SENTBEFORE finds emails sent before a date, and SENTSINCE finds email sent on or after a date.
    The “AND” operation is implied by joining criteria, separated by spaces.
    Search Filter: SENTSINCE 01-Mar-2021 SENTBEFORE 05-Mar-2021

    Another example of AND: find all unanswered emails sent after 04-Mar-2007 with “Problem” in the subject.
    Search Filter: UNANSWERED SENTSINCE 04-Mar-2021 Subject “Problem”

    Find messages with a specific string in the body.
    Search Filter: BODY “problem solved”

    Using OR. The syntax is OR <criteria1> <criteria2>. The “OR” comes first, followed by each criteria.
    For example, to match all emails with “Help” or “Question” in the subject.
    You’ll notice that literal strings may be quoted or unquoted. If a literal contains SPACE characters, quote it.
    Search Filter: OR SUBJECT Help SUBJECT Question

    ****************************************************
    *** FYI Strings are case-insensitive when searching ***
    ****************************************************
    Find all emails sent from limagito.com addresses.
    Search Filter: FROM limagito.com

    Find all emails sent from anyone with “John” in their name.
    Search Filter: FROM John

    Find emails with the RECENT flag set.
    Search Filter: RECENT

    Find emails that don’t have the recent flag set.
    Search Filter: NOT RECENT

    This is synonymous with “OLD”.
    Search Filter: OLD

    Find all emails marked for deletion.
    Search Filter: DELETED

    Find all emails having a specified header field with a value containing a substring.
    Search Filter: HEADER DomainKey-Signature paypal.com

    Find any emails having a specific header field. If the 2nd argument to the “HEADER” criteria is an empty string,
    any email having the header field is returned regardless of the header field’s content.
    Find any emails with a DomainKey-Signature field.
    Search Filter: HEADER DomainKey-Signature “”

    Find NEW emails: these are emails that have the RECENT flag set, but not the SEEN flag.
    Search Filter: NEW

    Find emails larger than a certain number of bytes.
    Search Filter: LARGER 500000

    Find emails marked as seen or not already seen.
    Search Filter: SEEN
    Search Filter: NOT SEEN

    Find emails having a given substring in the TO header field.
    Search Filter: TO support@limagito.com

    A more long-winded way to do the same thing.
    Search Filter: HEADER TO support@limagito.com

    Find emails smaller than a size in bytes.
    Search Filter: SMALLER 30000

    Find emails that have a substring anywhere in the header or body.
    Search Filter: TEXT “Log File”

     

    If you need any help with this second ‘IMAP4 Custom Search Query’, please let us know.
    Best Regards,

    #FileTransfer

    Limagito Team

    By Limagito-Team IMAP4 , ,
  • 28 Jul

    Second IMAP4 Vendor option was added in Limagito File Mover

    A second IMAP4 vendor was added in LimagitoX File Mover version v2021.7.28.0. This second vendor is also based in the USA and has a long history with providing API’s for many internet protocols. The reason we did this is because we want to be ready for the future. This second vendor opens new opportunities and also supports TLS1.3 (Security Tab – Select ‘Automatically TLS’).

    Limagito File Mover IMAP4 Setup

    For this Second Vendor we added a ‘Custom Search Query’ option.

    Limagito File Mover IMAP4 Custom Search Query

    If you need any help with this ‘Second IMAP4 Vendor’, please let us know.

    Best Regards,

    Limagito Team

    By Limagito-Team IMAP4 ,
SEARCH