Solved Microsoft Office 365 OAuth support
-
Yes, so the outlook OAuth is currently broken so that it's only keeping the login for a day.
We're trying to find a solution for it, but it's going slowly.Workaround (fix):
The App Password is working correctly though so if you go to the Vivaldi Mail help site and use Option 2 for adding a Microsoft account everything should work correctly https://help.vivaldi.com/mail/mail-get-started/add-and-manage-mail-accounts/ -
tx go man go
good to kno...........
joshep -
@Ayespy
hi a'
yeah, they seem evil but their browser is supposed to be very secure closely followed by Google (one of my other email accts). some of the funkier crew are ordinary when it comes to security but hey, my mum got ransomed the other day looking at news headlines via Microsoft, so go figure!
Vivaldi is great as a centralised system and all those trackers its blocks --- sweet! but wots its reputation regarding security compromises? since Ukraine Kaspersky's out so I'll keep BitDefender which should keep my viva as safe as can be, right?
joshep -
Hello Vivaldi team,
We have the following issue with OAuth in Vivaldi Mail: when a user signs in and requests approval, even after consent is given by the admin, the user is unable to proceed and needs to ask for approval again.
MSFT states that this is due to the code responsible for showing the authentication dialog.
In the documentation here MSFT states the following:
This issue usually occur when you pass
prompt=consentparameter in your authentication request.
When passed in the authentication request, this parameter forces the users to respond to consent prompt even if consent is already provided.As documented here: Microsoft identity platform and OAuth 2.0 authorization code flow
prompt=consentwill trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app.To resolve the issue, please update your application code to not include prompt=consent in every authentication request.
Here is what our internal testing shows:
- An active directory admin can grant the permissions for his account and mail will connect just fine if the admin is on a Windows Machine and on the internal network.
- An active directory admin cannot do the same on the internal network if on Linux
- A regular user cannot login. Neither on Linux or Windows.
To clarify I have attached screenshots of the approval/consent flow.
Approval dialog appears.
After submitting an email is received that the admin needs to consent.
After consent is given this is confirmed by email.
When attempting to add the account again with OAuth the expected behavior is that you login and can acces email.
What happens is that the same consent approval dialog appears and users are stuck in a loop.
According to all documentation we could find it appears to be that the issue is in the OAuth implementation on Vivaldi's end.
Looking forward to hearing from the Vivaldi team and have a good day
-
I have a similar issue. Everytime Vivaldi tries to fetch mails, it asks me to login to my hotmail account and authorise Vivaldi. Every time, even if I constantly authorise it and it's authorised in the Account Settings from Microsoft.
-
@olohal @josalshep @mozzer @Vivaldson @pafflick @Ayespy
So the issue with Outlook/Hotmail/Office365 accounts having to log in everytime on restart has been fixed in the snapshot from May 24th
[Mail] Microsoft mail authentication popup is shown too often (VB-84230)Will go out in next stable.
If there are any other issues please let us know
-
Ggmg marked this topic as a question on -
Ggmg has marked this topic as solved on
-
@gmg I've just updated Vivaldi and nothing changed for me. I still can't log into my mail account even once. Vivaldi (via Microsoft) wants me to send a request to my company admin. Once approved (whether it is a day or 5 minutes later), Vivaldi wants me to send this request over and over again...
-
@mozzer
What build is this? -
@gmg 5.3.2679.33 (Stable channel) stable (64-bit) (Linux).
-
I read this again. The fix was for people that were having to log in every day.
Not the one you and @bvdbasch mention. That's a separate issue we'll take a look at.
-
@gmg said in Microsoft Office 365 OAuth support:
I read this again. The fix was for people that were having to log in every day.
Not the one you and @bvdbasch mention. That's a separate issue we'll take a look at.
Hey @gmg thanks for providing us with a status update. Much appreciated.
Please note that I have already suggested a possible fix in my earlier post, conform the MSFT docs.
prompt=consent will trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app.
To resolve the issue, please update your application code to not include prompt=consent in every authentication request.
I hope you can pass that along to the relevant team, to help them along as they investigate.
Please let me know if (and how) I can be of further assistance.
Cheers!
-
@bvdbasch This issue has been fixed.
Expect it in a snapshot build soon.Thanks for reporting!
Arnar
Developer at Vivaldi
-
@smerugu28
This is partially correct and still a problem. Many companies allow for the use of any mailreader. For example, for my company I can use thunderbird as mail client for office365 mailbox. In vivaldi, I can not set the 'oauth2' option when vivaldi is autodedecting my [email protected] adddress, and If I go about entering [email protected] and then accept oauth, close the oauth dialog box, head over to 'edit servers' and manually correcting to user@company, then oauth does not work, since the data entered in servers does not match with what I entered on the initial page.
If autodetection does not work, it would be nice to be able to have the oauth2 checkbox on the edit servers page anyway, as of now, when I enter the [email protected], the aouth2 box does not show.
Else could the oauth2 option be added when you type your initial address before the autodedect happens? -
@devinko
There's actually a checkbox for it that pops up if you enter something like outlook.office365.com and smtp.office365.com in the server settings.We need to make this easier by using MX records, but haven't gotten around to it yet.
-
@gmg Thanks! That worked nicely:)
-
@gmg Even my gmail account is not working at all with it. It says auto discovery failed
-
@gmg This seems like a must if we want mainstream usage. So many people must have Microsoft 365 for work and may be working from home on their own device. I got it working after having to retrieve the server settings from logging into Microsoft, but autodiscover would be even better.
-
Even when I bypass autodiscovery and configure manually, I still can't add an Office 365 account via oAuth. It just hangs at "Attempting sign in". Our org doesn't permit app specific passwords, so oAuth is the only option.
-
@arnar said in Microsoft Office 365 OAuth support:
@bvdbasch This issue has been fixed.
Expect it in a snapshot build soon.Thanks for reporting!
Arnar
I decided to give it another go today, but unfortunately a new issue presented itself: the dialog now no longer appears at all!
All settings are correct, but I get the following message: Login for outgoing server failed. Server responded with: undefined
I've added a screenshot of what the settings page looks like. Please note that the top email field disappeared after clicking the add account button!
The username fields are left blank in the screenshot on purpose; I did fill them in with the correct username, but deleted prior to taking the taking the screenshot (for obvious reasons)
Finally, just a friendly suggestion: it would be nice if the Vivaldi update pages like (https://vivaldi.com/blog/desktop/update-four-5-3/) would include the handles of those who've reported the bugs and helped with troubleshooting them; I did go through the trouble of looking at the MSFT docs, screenshotting and providing as much info as I could 🥲. To not mention community members that help out at all just feels a bit weird IMHO.
