Exchange Office365 Auth - Custom client authentication configuration
- Login issues: https://gearmage.uservoice.com/knowledgebase/articles/1991521
- O365 login failed: https://gearmage.uservoice.com/knowledgebase/articles/1991521
- Autodiscover service couldn't be located: https://gearmage.uservoice.com/knowledgebase/articles/1996555
IMPORTANT: In all cases (even the ones below), Mail Attachment Downloader requires EWS or Exchange Web Services permissioning and access. Otherwise, you will fail to auto discover or will get a 403 Forbidden error in the app.
In cases where an enterprise requires restricted permissioning, it's possible to also configure Mail Attachment Downloader with custom client IDs as follows:
IMPORTANT: Build 1067 includes support for the following configuration. Upgrade first before you try these settings out: https://gearmage.uservoice.com/knowledgebase/articles/1897276
Option-1: By default, Mail Attachment Downloader uses delegated auth using a public client and tenant ID. This is the recommended path we suggest.
Option-2: Use a confidential app-only client
Use a Confidential Client and give permissions to EWS as indicated https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth#configure-for-app-only-authentication
Use a Confidential Client and give permissions to EWS as indicated https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth#configure-for-app-only-authentication
Quit the program and the service if they are running first.
Add the exchange client id, secret and tenant id inside *.config files (MailAttachmentDownloader.exe.config MailAttachmentDownloaderService.exe.config) in Mail Application Downloader installation directory as follows:
Under the <appSettings> </appSettings> tags add...
<!-- Config for Exchange ClientId/Secret and TenantId, leave blank to use public client -->
<add key="Exchange.ClientId" value="..."/>
<add key="Exchange.ClientSecret" value="..."/>
<add key="Exchange.TenantId" value="..."/>
Option-3: Use public client with delegated auth and a custom client id + tenant id. Note: Client secret MUST NOT be specified in this case.
Use a public client and give permissions to EWS as indicated https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth#configure-for-delegated-authentication
Add the exchange client id and tenant id inside *.config files (MailAttachmentDownloader.exe.config MailAttachmentDownloaderService.exe.config) in Mail Application Downloader installation directory as follows:
Under the <appSettings> </appSettings> tags add...
<add key="Exchange.ClientId" value="..."/>
<add key="Exchange.TenantId" value="..."/>