New Feature: OAuth support for Microsoft Office 365

[jobisoft]

The latest beta supports OAuth 2.0 for O365.
https://tbsync.jobisoft.de

If you switch to beta in your current profile, TbSync should automatically switch from basic auth to OAuth and ask for your permission the next time you sync. You can also create a new Thunderbird profile and install the beta there and do not touch your working profile.

The setup wizard no longer has a passwort field and detects wether you are trying to setup an O365 account or something else. It will either pop a OAuth permission window or a standard password prompt.

That does make the setup for non O365 accounts a bit more ugly I think, but I have no idea how to make the wizard nicer. I should not ask for a password, if OAuth is possible, but I only learn that during discovering.

This should also work with multi factor authorization (MFA)

Feedback is welcome.

[GaryT-NZ]

Our organisation has just implemented/enforced OAuth2 on our accounts at office365, and tbsync stopped working (asking for new password), even after I updated the main thunderbird email settings.
This issue was the only mention I could find of OAuth and Tbsync, and reading this made me wonder if I needed the Beta.
To make it explicit/clear, the latest version now definitely has OAuth support.
Am I correct that there's no way to tell tbsync to change the authorisation? I ended up deleting and re-adding my tbsync calendar and task list, and it now works fine.
I thought I would add a note in case anyone else comes looking here.

[icarus42]

I ended up deleting and re-adding my tbsync calendar and task list, and it now works fine. I thought I would add a note in case anyone else comes looking here.

I can confirm that removing and adding the account again successfully helped me switching from a password prompt to an OAuth signin, which was necessary for me after two factor authentication was enabled by my organization in Office 365.

[burgsteiner]

OAUTH2 works fine for syncing emails with Thunderbird with our Office 365 accounts. Interestingly, TbSync (version 4.1 with EAS-4-TbSync 4.1.4) needs additional access permissions. After successfully authenticating the user, an additional popup says:

"Administrator permission required. To access resources in your organization, tbsync.jobisoft.de requires permission that only an administrator can grant. Ask an administrator to grant permission for this app so that you can use the app."

Why is this? Is this a bug or a feature?

[jobisoft]

TbSync has no access to your email access token and I do not think the request for the email access token included the permission to read your calendar and address books.

I have no idea why you need admin permission. Your company probably blacklisted 3rd party apps.