Microsoft advised customers to discontinue BASIC authentication for Office 365 SMTP service. This page documents how to enable OneList to use Microsoft Graph Service for sending and receiving email. OneList authenticates with MS Graph using the OAUTH client credentials grant flow.
Azure AD Configuration
Create a new Application Registration for OneList.
Create a client secret for the application.
Add the following Application Permissions for Microsoft Graph and grant Admin consent to all the permissions.
Mail.ReadWrite
Mail.Send
Copy the Tenant Id, the Application Id and the Client Secret for OneList configuration.
More information can be found here:
https://learn.microsoft.com/en-us/graph/auth-v2-service
https://learn.microsoft.com/en-us/graph/permissions-reference#application-permissions-39
OneList Configuration
Add the following entries to the Kubernetes config map:
IMAP__Authority: https://login.microsoftonline.com/<Azure Tenant Id>/v2.0
IMAP__ClientId: <the Application Id>
IMAP__ClientSecret: <the Client Secret>
IMAP__UserName: <the mailbox user account>
IMAP__Class: IQX.OneList.EmailApproval.Services.MsGraphHandlerService (only required for Email Approval)
Mailer__Class: IQX.Comms.Services.MSGraphMailer