Microsoft 365 OAuth Authentication

Microsoft 365 has introduced new authentication requirements for Apps using standard open Internet protocols. Microsoft calls these "legacy protocols", but really they are the open standards that power the Internet. Such protocols include IMAP, SMTP and POP3 for email. This guide will help you configure your Microsoft 365, Exchange Online or Office 365 tenant to allow Apps to access your user mailboxes using IMAP, POP3 and SMTP and modern authentication methods such as OAUTH2 (also known as XOAUTH when used with these protocols). By default all Microsoft's own Apps are allowed to access your tenant and mailboxes without any additional configuration. Third party apps require a little more configuration to get through.

To begin with you need to setup your Azure Portal Active Directory Tenant to accept authentications/connections from the third party App. In this case we will use Hexamail POP3 Downloader, but the same process is required for all third party apps

Navigate to the Azure Portal using this link: https://portal.azure.com/ You will be prompted to sign-in as the Domain administrator for your tenant.

Login to the Azure Portal

Next click the hamburger menu icon in the top left and select Azure Active Directory

Navigate to Active Directory

On the Overview page click the copy button to copy your Tenant ID. Enter it into this box and we will auto-register the Hexamail POP3 Downloader app in your tenant:

Or alternatively visit this URL and replace the TENANTID with your Tenant ID string: https://login.microsoftonline.com/TENANTID/oauth2/authorize?client_id=95f5108c-d96e-4387-bdd4-88958ad925fc&response_type=code&prompt=admin_consent

You will be asked to sign in again as the Tenant administrator and then accept that Hexamail POP3 Downloader be given access to your domain for SMTP AUTH, POP, IMAP and be able to continue to access unattended.
Click Accept if you want Hexamail POP3 Downloader to be granted this access.
Don't worry about the page not found following this, the access will be granted.
You can now check by clicking on Enterprise Applications in the Azure Portal Active Directory menu. You should now see Hexamail POP3 Downloader listed.

Navigate to Enterprise Applications

Click on the application name listed Hexamail POP3 Downloader

Navigate to Permissions

Click on the Permissions

Configure the Permissions

If the permissions are not already granted please click on the Grant admin consent button You should now be able to use Hexamail POP3 Downloader with Microsoft 365. Each user or account will need to authenticate within Hexamail POP3 Downloader to get access and accept the necessary permissions as well.

Hexamail POP3 Downloader uses POP3 or IMAP to collect email from Microsoft 365 or Exchange online and SMTP to send email. Please ensure that IMAP, POP3 and/or SMTP are enabled for all the mailboxes with which you wish to use Hexamail POP3 Downloader