OAuth 2.0 with IMAP/SMTP for Office 365 in ASP.NET Core 3.1 MVC applications

Introduction

You can create an ASP.NET Core web application which is able access Office 365 account of a user via IMAP and SMTP without knowing the password of this user.

We modified Microsoft's 2-WebApp-graph-user/2-1-Call-MSGraph sample to support IMAP/SMTP access in addition to Graph API. You can find the modified sample in My Documents\MailBee.NET Objects\Samples\ASP.NET\cs_netcore31_office365_oauth_samples folder. The sample is available in C# version only.

The sample utilizes the latest .NET tech (at the moment of writing) and thus requires .NET Core 3.1 at least. You'll need Visual Studio 2019+ as well.

Register Azure project

Create an application in Azure Portal. You may need to create an account there first.

Find App Registrations section.

Click New registration. Type some Name the users will see on the consent screen. For Supported account types, we used Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox) to target the widest set of Microsoft users.

Redirect URI can be set later. Click Register.

Save Application (client) ID, you'll need to specify it in the app code.

Click Authentication in Manage section. In Platform configurations, click Add a platform and then Web aplications / Web. Set Redirect URI to somewhat like https://localhost:44321/signin-oidc (you'may need to adjust this value later). Tick Access tokens and ID tokens checkboxes as well.

Now you have something close to this:

In Manage / Certificates & secrets, click New client secret. You need to save the secret in some other place as you won't be able to retrieve it again.

In Manage / API permissions, click Add a permission. Select Microsoft Graph, then Delegated permissions, and in Select permissions search box type IMAP.AccessAsUser.All:

Click Add permissions.

Modifications

The original sample from Microsoft is already capable of dealing with OAuth 2.0 access and refresh tokens.

The below is the list of changes required to add support for IMAP/SMTP and offline access which makes it possible to access the user's account in non-interactive mode (after the user gave the initial consent):

Again, the modified sample where you just need to set your Office 365 domain, ClientId/ClientSecret and MailBee.NET Objects license key, can be found at My Documents\MailBee.NET Objects\Samples\ASP.NET\cs_netcore31_office365_oauth_samples folder.

In case if you change the port the sample app runs on (by default, it's https://localhost:44321 and can be configured in Visual Studio project settings, Debug / Web Server Settings / App URL), you need to adjust port or protocol change in Redirect URI which you configured in Azure.

When you run the sample, you log in first (and give consent to access your Office 365 account), and then you can click Check/Send email to make the app check inbox and send email from you to yourself.


Send feedback to AfterLogic

Copyright © 2006-2020 AfterLogic Corporation. All rights reserved.