#2669 new
Stefan Seiz

Office365 Accounts with Two Factor Authentication

Reported by Stefan Seiz | October 8th, 2020 @ 06:42 AM

Hi,

creating a new ticket for this https://freron.lighthouseapp.com/projects/58672/tickets/1871-oauth2..., since the original ticket seems closed and not involve the use of 2FA.

My Employer uses exchange on office365 and has enabled 2FA, so my account in MailMate (setup as IMAP account with password auth) just stopped working. I have followed the steps in https://freron.lighthouseapp.com/projects/58672/tickets/1871-oauth2... and am very close to being able to log in.

The Problem is, that after supplying the password and 2FA-Code, the Password-Dialog pops up again after a short time. Below see the relevant entries from the activity viewer. Any ideas what's going wrong here?

09:09:53 Running action
09:09:53 Sending request (20)
09:09:53 Handling request
09:09:53 Ready to run action (retry count: 0)
09:09:53 Clearing connection to outlook.office365.com
09:09:53 Trying to connect to outlook.office365.com on port 993 (CFNetwork) without STARTTLS (required)
09:09:53 Resolved hostname (outlook.office365.com).
09:09:53 Prepare secure connection...
09:09:53 Successful connection.
09:09:53 Initiating secure connection...
09:09:53 Returned (4)...
09:09:53 Protocol version: kTLSProtocol12
09:09:53 S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADQAUABSADAAMgAwADIAQwBBADAAMAAwADkALgBlAHUAcgBwAHIAZAAwADIALgBwAHIAbwBkAC4AbwB1AHQAbABvAG8AawAuAGMAbwBtAA==]
09:09:53 C: A0 CAPABILITY
09:09:53 S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
09:09:53 S: A0 OK CAPABILITY completed.
09:09:53 Retrieving password (keychain or user request)
09:09:53 C: A1 AUTHENTICATE XOAUTH2 ••••••••••
09:10:09 S:
09:10:09 Error code: 9
09:10:09 New timeout values (8/8): 24/24
09:10:09 Failed action (1000). Reset observed read/write timeouts: 8/8

09:10:09 Handling reply
09:10:09 Running action
09:10:09 Sending request (18)
09:10:09 Handling request
09:10:09 Trying to disconnect nicely (12)...
09:10:09 C: A2 LOGOUT
09:10:11 S: A1 NO AUTHENTICATE failed.
09:10:11 S: * BYE Microsoft Exchange Server IMAP4 server signing off.
09:10:11 S: A2 OK LOGOUT completed.
09:10:11 Clearing connection to outlook.office365.com
09:10:12 Ready to run action (retry count: 1)
09:10:12 Clearing connection to outlook.office365.com
09:10:12 Trying to connect to outlook.office365.com on port 993 (CFNetwork) without STARTTLS (required)
09:10:12 Resolved hostname (outlook.office365.com).
09:10:12 Prepare secure connection...
09:10:12 Successful connection.
09:10:12 Initiating secure connection...
09:10:12 Returned (4)...
09:10:12 Protocol version: kTLSProtocol12
09:10:12 S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADQAUABSADAANQBDAEEAMAAwADAANgAuAGUAdQByAHAAcgBkADAANQAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
09:10:12 C: A0 CAPABILITY
09:10:12 S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
09:10:12 S: A0 OK CAPABILITY completed.
09:10:12 Retrieving password (keychain or user request)
09:10:12 C: A1 AUTHENTICATE XOAUTH2 ••••••••••
09:10:13 S: A1 NO AUTHENTICATE failed.
09:10:13 Error: Server response: “A1 NO AUTHENTICATE failed.”. Command attempted: “A1 AUTHENTICATE XOAUTH2 ••••••••••”.
09:10:13 Retrieving password (keychain or user request)
09:10:13 Error code: 12
09:10:13 Failed action (1000). Reset observed read/write timeouts: 8/8

09:10:13 Handling reply
09:10:13 Error: Failed multiple retries (2). Final error code was 14.
09:10:13 Terminating non-running connection...
09:10:13 Running action
09:10:13 Sending request (21)
09:10:13 Handling request
09:10:13 Trying to disconnect nicely (12)...
09:10:13 C: A2 LOGOUT
09:10:13 S: * BYE Microsoft Exchange Server IMAP4 server signing off.
09:10:13 S: A2 OK LOGOUT completed.
09:10:13 Clearing connection to outlook.office365.com
09:10:13 Ready to run action (retry count: 0)
09:10:13 Clearing connection to outlook.office365.com
09:10:13 Trying to connect to outlook.office365.com on port 993 (CFNetwork) without STARTTLS (required)
09:10:13 Resolved hostname (outlook.office365.com).
09:10:13 Prepare secure connection...
09:10:13 Successful connection.
09:10:13 Initiating secure connection...
09:10:13 Returned (4)...
09:10:13 Protocol version: kTLSProtocol12
09:10:13 S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADQAUABSADAANQBDAEEAMAAwADIAMQAuAGUAdQByAHAAcgBkADAANQAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
09:10:13 C: A0 CAPABILITY
09:10:13 S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
09:10:13 S: A0 OK CAPABILITY completed.
09:10:13 Retrieving password (keychain or user request)
09:10:13 C: A1 AUTHENTICATE XOAUTH2 ••••••••••
09:10:14 S: A1 NO AUTHENTICATE failed.
09:10:14 Error: Server response: “A1 NO AUTHENTICATE failed.”. Command attempted: “A1 AUTHENTICATE XOAUTH2 ••••••••••”.
09:10:14 Retrieving password (keychain or user request)
09:10:14 Error code: 12
09:10:14 Failed action (1000). Reset observed read/write timeouts: 8/8

09:10:14 Handling reply
09:10:14 Error: Failed multiple retries (1). Final error code was 14.
09:10:14 Terminating non-running connection...
09:10:14 Running action
09:10:14 Sending request (22)
09:10:14 Handling request
09:10:14 Trying to disconnect nicely (12)...
09:10:14 C: A2 LOGOUT
09:10:14 S: * BYE Microsoft Exchange Server IMAP4 server signing off.
09:10:14 S: A2 OK LOGOUT completed.
09:10:14 Clearing connection to outlook.office365.com
09:10:14 Ready to run action (retry count: 0)
09:10:14 Clearing connection to outlook.office365.com
09:10:14 Trying to connect to outlook.office365.com on port 993 (CFNetwork) without STARTTLS (required)
09:10:14 Resolved hostname (outlook.office365.com).
09:10:14 Prepare secure connection...
09:10:14 Successful connection.
09:10:14 Initiating secure connection...
09:10:15 Returned (4)...
09:10:15 Protocol version: kTLSProtocol12
09:10:15 S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADQAUABSADAANQBDAEEAMAAwADAAOAAuAGUAdQByAHAAcgBkADAANQAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
09:10:15 C: A0 CAPABILITY
09:10:15 S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
09:10:15 S: A0 OK CAPABILITY completed.
09:10:15 Retrieving password (keychain or user request)
09:10:15 C: A1 AUTHENTICATE XOAUTH2 ••••••••••
09:10:15 S: A1 NO AUTHENTICATE failed.
09:10:15 Error: Server response: “A1 NO AUTHENTICATE failed.”. Command attempted: “A1 AUTHENTICATE XOAUTH2 ••••••••••”.
09:10:15 Retrieving password (keychain or user request)
09:10:15 Error code: 12
09:10:15 Failed action (1000). Reset observed read/write timeouts: 8/8

09:10:15 Handling reply
09:10:15 Error: Failed multiple retries (1). Final error code was 14.
09:10:15 Terminating non-running connection...
09:10:16 Running action
09:10:16 Sending request (23)
09:10:16 Handling request
09:10:16 Trying to disconnect nicely (12)...
09:10:16 C: A2 LOGOUT
09:10:16 S: * BYE Microsoft Exchange Server IMAP4 server signing off.
09:10:16 S: A2 OK LOGOUT completed.
09:10:16 Clearing connection to outlook.office365.com
09:10:16 Ready to run action (retry count: 0)
09:10:16 Clearing connection to outlook.office365.com
09:10:16 Trying to connect to outlook.office365.com on port 993 (CFNetwork) without STARTTLS (required)
09:10:16 Resolved hostname (outlook.office365.com).
09:10:16 Prepare secure connection...
09:10:16 Successful connection.
09:10:16 Initiating secure connection...
09:10:16 Returned (4)...
09:10:16 Protocol version: kTLSProtocol12
09:10:16 S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADQAUABSADAANQBDAEEAMAAwADEAOAAuAGUAdQByAHAAcgBkADAANQAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
09:10:16 C: A0 CAPABILITY
09:10:16 S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
09:10:16 S: A0 OK CAPABILITY completed.
09:10:16 Retrieving password (keychain or user request)
09:10:16 C: A1 AUTHENTICATE XOAUTH2 ••••••••••
09:10:16 S: A1 NO AUTHENTICATE failed.
09:10:16 Error: Server response: “A1 NO AUTHENTICATE failed.”. Command attempted: “A1 AUTHENTICATE XOAUTH2 ••••••••••”.
09:10:16 Retrieving password (keychain or user request)
09:10:16 Error code: 12
09:10:16 Failed action (1000). Reset observed read/write timeouts: 8/8

09:10:16 Handling reply
09:11:01 Running action
09:11:01 Sending request (19)
09:11:01 Handling request
09:11:01 Trying to disconnect nicely (12)...
09:11:01 C: A2 LOGOUT
09:11:01 S: * BYE Microsoft Exchange Server IMAP4 server signing off.
09:11:01 S: A2 OK LOGOUT completed.
09:11:01 Clearing connection to outlook.office365.com
09:11:02 Ready to run action (retry count: 1)
09:11:02 Clearing connection to outlook.office365.com
09:11:02 Trying to connect to outlook.office365.com on port 993 (CFNetwork) without STARTTLS (required)
09:11:02 Resolved hostname (outlook.office365.com).
09:11:02 Prepare secure connection...
09:11:02 Successful connection.
09:11:02 Initiating secure connection...
09:11:02 Returned (4)...
09:11:02 Protocol version: kTLSProtocol12
09:11:02 S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADAAUABSADAAMgBDAEEAMAAwADkAMgAuAGUAdQByAHAAcgBkADAAMgAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
09:11:02 C: A0 CAPABILITY
09:11:02 S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
09:11:02 S: A0 OK CAPABILITY completed.
09:11:02 Retrieving password (keychain or user request)
09:11:02 C: A1 AUTHENTICATE XOAUTH2 ••••••••••
09:11:02 S: A1 NO AUTHENTICATE failed.
09:11:02 Error: Server response: “A1 NO AUTHENTICATE failed.”. Command attempted: “A1 AUTHENTICATE XOAUTH2 ••••••••••”.
09:11:02 Retrieving password (keychain or user request)
09:11:02 Error code: 12
09:11:02 Failed action (1000). Reset observed read/write timeouts: 8/8

09:11:02 Handling reply
09:11:21 Running action
09:11:21 Sending request (24)
09:11:21 Handling request
09:11:21 Trying to disconnect nicely (12)...
09:11:21 C: A2 LOGOUT
09:11:21 S: * BYE Microsoft Exchange Server IMAP4 server signing off.
09:11:21 S: A2 OK LOGOUT completed.
09:11:21 Clearing connection to outlook.office365.com
09:11:23 Ready to run action (retry count: 2)
09:11:23 Clearing connection to outlook.office365.com
09:11:23 Trying to connect to outlook.office365.com on port 993 (CFNetwork) without STARTTLS (required)
09:11:23 Resolved hostname (outlook.office365.com).
09:11:23 Prepare secure connection...
09:11:23 Successful connection.
09:11:23 Initiating secure connection...
09:11:23 Returned (4)...
09:11:23 Protocol version: kTLSProtocol12
09:11:23 S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADAAUABSADAANABDAEEAMAAxADQANAAuAGUAdQByAHAAcgBkADAANAAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
09:11:23 C: A0 CAPABILITY
09:11:23 S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
09:11:23 S: A0 OK CAPABILITY completed.
09:11:23 Retrieving password (keychain or user request)
09:11:23 C: A1 AUTHENTICATE XOAUTH2 ••••••••••
09:11:23 S: A1 NO AUTHENTICATE failed.
09:11:23 Error: Server response: “A1 NO AUTHENTICATE failed.”. Command attempted: “A1 AUTHENTICATE XOAUTH2 ••••••••••”.
09:11:23 Retrieving password (keychain or user request)
09:11:23 Error code: 12
09:11:23 Failed action (1000). Reset observed read/write timeouts: 8/8

09:11:23 Handling reply
09:11:36 Running action
09:11:36 Sending request (21)
09:11:36 Handling request
09:11:36 Trying to disconnect nicely (12)...
09:11:36 C: A2 LOGOUT
09:11:36 S: * BYE Microsoft Exchange Server IMAP4 server signing off.
09:11:36 S: A2 OK LOGOUT completed.
09:11:36 Clearing connection to outlook.office365.com
09:11:39 Ready to run action (retry count: 3)
09:11:39 Clearing connection to outlook.office365.com
09:11:39 Trying to connect to outlook.office365.com on port 993 (CFNetwork) without STARTTLS (required)
09:11:39 Resolved hostname (outlook.office365.com).
09:11:39 Prepare secure connection...
09:11:39 Successful connection.
09:11:39 Initiating secure connection...
09:11:39 Returned (4)...
09:11:39 Protocol version: kTLSProtocol12
09:11:39 S: * OK The Microsoft Exchange IMAP4 service is ready. [QQBNADAAUABSADAANQBDAEEAMAAwADkAMAAuAGUAdQByAHAAcgBkADAANQAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
09:11:39 C: A0 CAPABILITY
09:11:39 S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
09:11:39 S: A0 OK CAPABILITY completed.
09:11:39 Retrieving password (keychain or user request)
09:11:39 C: A1 AUTHENTICATE XOAUTH2 ••••••••••
09:11:40 S: A1 NO AUTHENTICATE failed.
09:11:40 Error: Server response: “A1 NO AUTHENTICATE failed.”. Command attempted: “A1 AUTHENTICATE XOAUTH2 ••••••••••”.
09:11:40 Retrieving password (keychain or user request)
09:11:40 Error code: 12
09:11:40 Failed action (1000). Reset observed read/write timeouts: 8/8

09:11:40 Handling reply
09:11:53 Terminating non-running connection...
09:13:53 Running action
09:13:53 Sending request (25)
09:13:53 Handling request
09:13:53 Trying to disconnect nicely (30)...
09:13:53 C: R2 LOGOUT
09:13:53 Error: Connection error (Broken pipe).
09:13:53 Clearing connection to outlook.office365.com
09:13:53 Ready to run action (retry count: 0)
09:13:53 Disconnecting
09:13:53 Clearing connection to outlook.office365.com
09:13:53 Completed action (3). Observed read/write timeouts: 8/8

09:13:53 Handling reply

Comments and changes to this ticket

  • Stefan Seiz

    Stefan Seiz October 22nd, 2020 @ 12:38 PM

    It is very silent here. Am i the only one which "has" to use such an account with 2FA-Auth, or what is going on?

    I am currently also using "DavMail" as a workaround, but that shouldn't be a permanent solution.

    Thanks for any feedback, even if it is a "not on our priority list" or such.

  • Klay

    Klay October 25th, 2020 @ 09:52 PM

    I am using 2FA (Authenticator app) with Office365 for work and never had an issue.

    Have you changed your password lately? If you have not tried this already, close MM, go into your Mac keychain and delete all your O365 related details. Then open MM and try logging in again. O and make sure you delete every single Microsoft related details - there are lots of them!

    Are you using an app specific password or your main password for the account? If your main password, have you tried using an app specific password? I never bothered using the main username/password but instead created an application specific password for Mailmate. Never had a single issue.

    From your logs, it appears to be a local issue but I can't be 100% certain.

  • Stefan Seiz

    Stefan Seiz October 26th, 2020 @ 09:58 AM

    Thanks a lot for the reply @Klay. I guess i am not completely following you.
    You say, that you are using an app specific password, which is the substitute if one can NOT use 2FA. You also say, that you are using 2FA though.

    I am using the regular account password and 2FA. This method works fine in all my other Apps – Fantastical, Apple Mail (Exchange Account), just not in MM. That said, i can't believe any Keychain Entries are the cause of the Problem, since it should then also affect the other apps.

  • Klay

    Klay October 26th, 2020 @ 11:31 AM

    ok, try this first:

    1. MM - File-> edit IMAP account -> choose your O365 account.
    2. In the dialog box for IMAP ensure that port 993 is set, "Require SSL" is ticked, "Oauth2" is ticked.
    3. In the dialog box for SMTP ensure that port 587 is set, "required SSL" is ticked, "OAuth2" is ticked.

    Then retry. What happens?

  • Stefan Seiz

    Stefan Seiz October 26th, 2020 @ 11:41 AM

    That is/was the exact setting i had in place, when i posted the above entries from activity viewer.

    When i do that, i get the usual webview asking me for my password and after submitting, it asks me for the OTP-Code. Once i submit that, the webview closes and after a second of two opens again, asking me for my password. Endless loop.

    If i enter an app-specific password instead ot the real account password, i get an error in the webview "wrong password", which seems logical, as MS says that App Specific Passwords aren't valid for IMAP accounts.

  • Mike

    Mike October 26th, 2020 @ 12:41 PM

    I have been using DavMail for a few years now to connect to our company exchange. It really works excellently.

    What makes this solution more than a workaround is that DavMail translates the Exchange categories and IMAP keywords in both directions.Exchange-IMAP does not do this. I use quite a lot of tagging to structure my tasks.

    DavMail has only one small catch: the GUI version is very crash prone. But if you use it in server mode, it is very stable.

  • benny

    benny October 26th, 2020 @ 01:46 PM

    @Stefan: Sorry about the late reply. OAuth2 issues are generally very hard to debug, because the error messages do not really tell anything about what fails. I know it works for several users which means that it's not a general issue in MailMate, but I'm naturally not ruling out a bug in MailMate. One way to learn more would be to try connecting to the account using Thunderbird (which is also able to use OAuth2 via IMAP).

  • Stefan Seiz

    Stefan Seiz October 26th, 2020 @ 03:29 PM

    @benny i'll set the account up in thunderbird. Anything specific i should test except just seeing if it works there?

  • Stefan Seiz

    Stefan Seiz October 26th, 2020 @ 03:57 PM

    Thunderbird is now configured with my account an downloading my inbox as we speak.
    I'd attach a screenshot of my settings, but "Upload Quota Reached"

  • benny

    benny October 26th, 2020 @ 08:44 PM

    @Stefan: The connection output you provided looks fine and therefore I don't think it's a settings issue. The issue might be that Thunderbird is allowed by your organization, but MailMate isn't. You can try asking your IT department about that.

  • Klay

    Klay October 26th, 2020 @ 11:32 PM

    I doubt the IT dept are blocking the app. I personally thought the issue was something to do with your authentication via Keychain or IT blocking SMTP access. Since you can use Thunderbird, that rules out the IT dept blocking SMTP access.

    There are three things I can suggest but no guarantee. I am using both Outlook and Fantastical and not seen this issue.

    1. Keychain - The reason I am saying check Keychain is more of a hunch. Is there any harm in searching Keychain and deleting all the com.feron.MailMate.Office365 entries and retrying?

    2. I use both app specific passwords and the main password. Back to the original suggestion. App specific passwords only work if your IT dept allow this, if not, then no go. But if you go to the url pasted below and select "add method" and set an app specific password. Then edit or create a new IMAP account in MM and use the same username, but this time the app specific password. It is a long shot, but it may just help. https://mysignins.microsoft.com/security-info.

    3. What browser are you using? Possibly some cache issue? As a last resort, clear your browser cache OR set a different default browser temporarily so that when you are asked to authenticate, you can use a different browser.

  • Stefan Seiz

    Stefan Seiz October 27th, 2020 @ 07:22 AM

    @benny we are a pretty small company without an IT-Department (we all work in IT). When i started to deal with this, MM was indeed not "allowed". My boss made me an Admin for 2 Hours so i could try myself to get up and running. I did the explicitly allow MM myself. Since then it is definitively allowed.

    @klay i appreciate all your help, but sometimes really don't get what you say. When i authenticate an office account in MM, there is no browser being opened. The Authentication happens right in a little window inside MM. So there is no browser that can be switched or such. I did delete all related MailMate-Entries in Keychain but that didn't help.

  • Klay

    Klay October 27th, 2020 @ 08:03 AM

    @Stefan, my apologies for not being clearer - Does this describe what you are seeing on MM?

    https://answers.microsoft.com/en-us/msoffice/forum/msoffice_outlook...

  • benny

    benny October 27th, 2020 @ 03:21 PM

    @Stefan: I've asked followers of ticket #1871 to see if they can help debug this issue. I do see a timeout in the beginning of the output you provided. A wild guess is that authentication is slow and when this has failed a few times then the server simply rejects immediately as some kind of DOS-defence. You can increase the default timeout (which is pretty low) like this:

    defaults write com.freron.MailMate MmMinimumConnectionTimeout -integer 60
    

    It would also help if you can find some kind of server log which provides more information than just A1 NO AUTHENTICATE failed. I'm hoping other Office365 users know where to locate that if possible.

  • Stefan Seiz

    Stefan Seiz October 27th, 2020 @ 04:21 PM

    Funny enough, when i login to my MS Account, i see the logins from MM as "successful". This is totally weird.

    Would it help if i record the SSL-Traffic between MM and Microsoft? I use the "Proxyman" App which does capture even SSL Traffic in clear, readable form (and looking at that, it also seems the Auth is successful).
    I would not want to post that here though, as it contains sensitive information.

  • Stefan Seiz

    Stefan Seiz October 27th, 2020 @ 04:25 PM

    "when i login to my MS Account" meant, logging into the Web-Interfce of my account, where i can check security, access etc. The successful logins can be seen here: https://mysignins.microsoft.com

  • benny

    benny October 27th, 2020 @ 06:53 PM

    @Stefan: With regard to “successful” then that probably just means that the authentication process providing the tokens works well. It's when using the token via IMAP that authentication is rejected. I'm sure the “raw” traffic will not show more than we can see in the Activity Viewer of MailMate. I'll see if I can come up with some other way to debug and/or learn more...

  • Tom Scogland

    Tom Scogland October 27th, 2020 @ 08:45 PM

    I came over here from the general OAuth issue after finally getting an admin to sit down with me and allow MailMate on our system today (getting apps approved for fedramp accounts is a bit of an exercise). When the o365 side is blocking an app, you get a webview that specifically says it needs admin approval. If an admin then logs in, it asks for permission to provide that application with keys for the organization, and if that's accepted gets into a loop that looks a bit like this where it's using the admin's credentials to try to log into the user's account.

    At least for me, switching back to plain auth and deleting the oauth keys, then switching back to oauth and logging in solved the issue. I can't be sure it's the same problem, but if it's going straight to a login prompt it's almost certainly not an app restriction on your organization.

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Mac OS X email client.

Shared Ticket Bins

People watching this ticket

Referenced by

Pages