Office365 via OAuth2 with Geary

or any desktop e-mail client of choice for that matter of fact

Jeremy Cheng


Unless you are a fan of webmail or only use the Outlook desktop/mobile apps for e-mail, you better hope your alternative e-mail client of choice supports logging into Office 365 with OAuth2. Now if you are a Linux user or you simply want to use an opensource solution, well, you are left with even less choices. It basically comes down to Mozilla Thunderbird or maybe Mailspring and that’s pretty much it. However, the problem with both Thunderbird and Mailspring is that it’s sometimes resource hungry and heavier than what most people need in an e-mail client. Thunderbird also sports a UI that still looks year 2000. So for many years now, I have personally been using Geary as my primary e-mail client. It’s a modern, no frills, lightweight e-mail client that does nothing but e-mail beautifully which is exactly what I need.

While Office 365 is not my main choice of service provider, I do have clients that use it for one reason or another. Some of these reasons are even legit. i.e. Google is blocked in some countries so if you travel there often, it’s sort of a pain to have all your users use a VPN just to check their work e-mail.

However, there’s a caveat with using Geary with Office 365. That is Geary depends on Gnome Online Accounts and Gnome Online Accounts to this day still does not support Office 365 OAuth2. Yes, it supports personal accounts but just not Office 365. As such, my long standing yet lack luster workaround was to generate App Passwords so I can keep using Geary as the mail client.

However, aside from the security implications of using basic auth, recently, Microsoft has officially started shutting off basic auth all together which means, I needed a fix and I needed it quick. This is when I came across this neat little program written in Python that claims to proxy your imap/smtp connections and handles the OAuth2 part for you.