(C) Office365 OAuth2 Client Credentials Flow for SMTP, IMAP, POP

See more Office365 Examples

Demonstrates how to get an OAuth2 access token using the Client Credentials flow for use with Office 365 in the SMTP, IMAP, and POP3 protocols.

This is a way of getting an OAuth2 access token for the O365 account you own, WITHOUT needing to grant access interactively via a browser.

Note: OAuth2 access tokens acquired using client credentials are not refreshed. This is because no interactive browser authentication was initially required. You can simply fetch another access token using client credentials using this sample code. Access tokens aquired using client credentials typically have a lifetime of 1 hour.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkHttp.h>
#include <C_CkHttpRequest.h>
#include <C_CkHttpResponse.h>
#include <C_CkFileAccess.h>

void ChilkatSample(void)
    {
    HCkHttp http;
    HCkHttpRequest req;
    HCkHttpResponse resp;
    int statusCode;
    HCkFileAccess fac;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Get an OAuth2 access token by sending a POST like this:

    // 	POST {tenant}/oauth2/v2.0/token
    // 	Host: login.microsoftonline.com
    // 	Content-Type: application/x-www-form-urlencoded
    // 
    // 	client_id=6731de76-14a6-49ae-97bc-6eba6914391e
    // 	&client_secret=*****************
    // 	&scope=https%3A%2F%2Foutlook.office365.com%2F.default
    // 	&grant_type=client_credentials

    http = CkHttp_Create();

    req = CkHttpRequest_Create();

    // ----------------------------------------------------------------------------------------
    // Important:
    // Your Azure Entra ID app must be explicitly setup to allow for the OAuth2 client credentials flow.
    // Please follow the detailed guide for how to do it here:
    // Office365 App Setup for SMTP, POP, IMAP OAuth2 Client Credentials
    // 
    // Note: Your registered App must have the following permissions.
    // For IMAP: IMAP.AccessAsApp
    // For POP3: POP.AccessAsApp
    // For SMTP: SMTP.SendAsApp
    // ----------------------------------------------------------------------------------------

    // Use the application ID for the client_id.
    // (In Azure App Registrations, use the Application (client) ID)
    CkHttpRequest_AddParam(req,"client_id","CLIENT_ID");
    CkHttpRequest_AddParam(req,"client_secret","CLIENT_SECRET");
    CkHttpRequest_AddParam(req,"scope","https://outlook.office365.com/.default");
    CkHttpRequest_AddParam(req,"grant_type","client_credentials");

    // Replace "{tenant}" with your tenant ID, such as "112d7ed6-71bf-4eba-a866-738364321bfc".
    resp = CkHttp_PostUrlEncoded(http,"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token",req);
    if (CkHttp_getLastMethodSuccess(http) != TRUE) {
        printf("%s\n",CkHttp_lastErrorText(http));
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        return;
    }

    statusCode = CkHttpResponse_getStatusCode(resp);
    printf("response status code: %d\n",statusCode);
    printf("response body:\n");
    printf("%s\n",CkHttpResponse_bodyStr(resp));

    // The successful JSON response looks like this:

    // {
    //   "token_type": "Bearer",
    //   "expires_in": 3599,
    //   "ext_expires_in": 3599,
    //   "access_token": "eyJ0eX...ZKaeSVSg"
    // }

    // Save the JSON to a file for future requests.
    // The Office365 access token acquired by client credentials is typically valid for ..
    if (statusCode == 200) {
        fac = CkFileAccess_Create();
        CkFileAccess_WriteEntireTextFile(fac,"qa_data/tokens/office365.json",CkHttpResponse_bodyStr(resp),"utf-8",FALSE);
    }

    CkHttpResponse_Dispose(resp);


    CkHttp_Dispose(http);
    CkHttpRequest_Dispose(req);
    CkFileAccess_Dispose(fac);

    }