OAuth 2.0 Settings (POP3 / IMAP)

Parent Previous Next

Modern authentication (OAuth 2.0 token-based authorization) is currently used by many well-known e-mail systems such as Gmail, Microsoft (Office 365, Hotmail, Outlook.com), Yahoo! and is intended to replace Basic authentication. OAuth 2.0 support is added in Fax Voip FSP version 4.2.1.


On this page, you can specify OAuth 2.0 settings that will be used when receiving e-mails via POP3 or IMAP server, see also POP3 / IMAP Settings chapter of this user manual. Use <Get Refresh Token> button to send Authorization Request, confirm your e-mail account details and to generate Refresh Token (the procedure runs in a separate web browser window and requires user interaction). The Refresh Token has a long lifetime (usually one year) and is used to automatically obtain Access Token at the time of sending or receiving e-mail messages (without user interaction). After configuring the OAuth 2.0 settings and generating Refresh Token, click <Apply> button to save your settings.



Click to configure POP3/IMAP Settings

Click to configure POP3 / IMAP settings.


<Load Profile>

Click to load the predefined settings selected from the dropdown list on the right. As an 'OAuth 2.0 Application', we mainly used Client ID / Client Secret pairs imported from the Mozilla Thunderbird e-mail client. The following profiles (tested with Fax Voip FSP) can be selected:


Google / Gmail.com (Thunderbird)

Select this option to configure Fax Voip FSP for using with your Gmail account. To generate Refresh Token, in the Open authorization request in this browser area, select the option Default Browser or Internet Explorer. Alternatively, you can create your own 'OAuth 2.0 Application', see instructions on the Google website.

Microsoft / Office 365 / Hotmail / Outlook.com (MS Oauth Test)

Select this option to configure Fax Voip FSP for using with your Microsoft (Office 365, Hotmail, Outlook.com) account. To generate Refresh Token, in the Open authorization request in this browser area, select WebBrowser (.Net), Internet Explorer, or Default Browser. Alternatively, you can create your own 'OAuth 2.0 Application', see instructions on the Microsoft website.

Microsoft / Office 365 / Hotmail / Outlook.com (Thunderbird)

Select this option to configure Fax Voip FSP for using with your Microsoft (Office 365, Hotmail, Outlook.com) account. To generate Refresh Token, in the Open authorization request in this browser area, select the option WebBrowser (.Net) or Internet Explorer. Alternatively, you can create your own 'OAuth 2.0 Application', see instructions on the Microsoft website.

Yahoo.com (Thunderbird)

Select this option to configure Fax Voip FSP for using with your Yahoo! account. To generate Refresh Token, in the Open authorization request in this browser area, select the option Internet Explorer or WebBrowser (.Net). Alternatively, you can create your own 'OAuth 2.0 Application', see instructions on the Yahoo website.

Yandex.com (Fax Voip)

Select this option to configure Fax Voip FSP for using with your Yandex.com account. To generate Refresh Token, in the Open authorization request in this browser area, select the option WebBrowser (.Net) or Internet Explorer. Alternatively, you can create your own 'OAuth 2.0 Application', see instructions on the Yandex website.

Yandex.com (Thunderbird)

Select this option to configure Fax Voip FSP for using with your Yandex.com account. To generate Refresh Token, in the Open authorization request in this browser area, select the option WebBrowser (.Net) or Internet Explorer. Alternatively, you can create your own 'OAuth 2.0 Application', see instructions on the Yandex website.

Mail.ru (Thunderbird)

Select this option to configure Fax Voip FSP for using with your Mail.ru account. To generate Refresh Token, in the Open authorization request in this browser area, select the option Internet Explorer or WebBrowser (.Net). Alternatively, you can create your own 'OAuth 2.0 Application', see instructions on the Mail.ru website.


Authorization URI

The address of authorization endpoint that accepts an authentication request. The authorization endpoint is used for authentication and authorization and returns an authorization grant to the client application.

Token URI

The address of token endpoint that is used by client application to exchange an authorization grant or refresh token for an access token.

Scope

A space-separated list of scopes. OAuth 2.0 scopes provide a way to limit the amount of access that is granted to an access token.

Client ID

The public identifier for the client application.

Client Secret

Used to authenticate the identity of the application to the service API when the application requests access to a user account. Can be an empty string for a "public" application.

Redirect URI

The callback address to which authentication responses can be sent and received by application. It must match one of the redirect URIs the developer registered when creating the application, and the authorization server should reject the request if it does not match.

E-mail Address

The e-mail address associated with the user account.

Refresh Token

The Refresh Token is used to automatically obtain Access Token at the time of sending or receiving e-mail messages (without user interaction). The Refresh Token is long-lived (usually one year). To generate Refresh Token, use <Get Refresh Token> button.


<Get Refresh Token>

Use this button to send Authorization Request, confirm your e-mail account details and to generate Refresh Token (the procedure runs in a separate web browser window and requires user interaction).

Open authorization request in this browser

Choose one of the options below. We offer 3 different methods as depending on the e-mail OAuth 2.0 server and Redirect URI parameter (registered by the developer when creating the application), some of them may not work.


Internet Explorer

If this option is selected, the InternetExplorer object (Windows Internet Explorer web browser) is used to process the authorization request. This option works with all e-mail OAuth 2.0 providers we have tested. Note that this option also works in Windows 11, where Microsoft locked Internet Explorer browser.

WebBrowser (.Net)

If this option is selected, the WebBrowser Control (.NET Framework) is used to process the authorization request. Note that this option does not work with Gmail (unsupported browser error).

Default Browser

If this option is selected, the default web browser is used to process the authorization request. Please note that this option only works with applications for which Redirect URI = http://127.0.0.1 is explicitly specified by the developer. Also, this uses a random unused port, which is not always supported by the e-mail OAuth 2.0 provider. The browser window must be manually closed by the user. In our tests, this only worked with Gmail and Microsoft (Microsoft / Office 365 / Hotmail / Outlook.com (MS Oauth Test) profile). Tested with Microsoft Edge and Internet Explorer as default web browsers.


<Clear>

Click to clear all text boxes on this page.


Use OAuth 2.0 settings configured for SMTP

Select this checkbox to use the same e-mail account for both outgoing and incoming e-mail messages. If this option is selected, OAuth 2.0 Settings (SMTP) are also used for POP3 / IMAP.


Notes