I have a desktop application which sends email from Gmail using SMTP.
Since Less secure Apps will not longer be supported, I am trying to use Google API with OAuth2. Is there any other way I can use to send email from Gmail accounts?
Also, if I use Google API with OAuth2 can we configure the client ID and client secret generated from Admin Gmail account and use the same for all the other users for authorization?
I am following this tutorial:
https://www.youtube.com/watch?v=44ERDGa9Dr4
Thanks in advance!
I have a desktop application which sends email from Gmail using SMTP. Since Less secure Apps will not longer be supported, I am trying to use Google API with OAuth2.
If you want to stick with smtp did you consider checking out Did you consider checking Xoauth2?
Have you tried using an app password im not sure if thats going away as well.
Can we configure the client ID and client secret generated from Admin Gmail account and use the same for all the other users for authorization?
If you have a google workspace domain, Then you could use a service account and set up domain wide delegation which would allow the service account to impersonate any user on your domain.
If these are standard google gmail email accounts then you will need to use oauth2 to request consent from each user.
verification
remember if you switch to Oauth2 you will need to have your app verified
Related
I want a way to log in to
Nice gmail, but not through a site, because I tried to skip it and could not skip it
Is there a site or Api or a way I tried b
smtp
But it only brings accounts whose protection is turned off and that's bad. I want to check an account gmail
gmail cheker account
I am trying to access a gmail account so I can read emails and save PDFs attached to those emails. I wrote the code and it works fine when I tested it on my personal gmail account (something#gmail.com), but now that I am trying to do it for this new address (reporting#company.com, which is a gmail business account) my code isn’t working to even connect.
I get an error message saying
Error: b’[AUTHENTICATIONFAILED] Invalid Credentials (Failure)’
I know the login email and the password are both correct. I have already downloaded the credentials.json file from the Google API page.
My code is as below:
Mail = imaplib.IMAP4_SSL(“imap.gmail.com”)
Mail.login(“reporting#company.com”,’password’)
If you're still using a password in your code, then you need to get your users to enable Less Secure Apps, or if they're using 2-Step Verification, create an App Password.
However, a better approach would be to use OAuth instead of a password. If you've downloaded the credentials.json file from the Google Developers Console, you already did the first step. :) Google has a guide to use OAuth with IMAP in Python, as well as a code sample (see the TestImapAuthentication method there).
All I had to do was enable 2-step authentication on the google account.
I am building a Python web API where I want to use Azure AD as authentication backend. On certain scenarios the clients needs to authenticate through the API to authorize to certain endpoints. The client itself is not able to authenticate to AD directly, so it needs to do it through the API using raw credentials (username, password). The API will then authenticate the user and receive the AD token and give it to the user.
So in short I am looking for a way to programmatically authenticate a user using username/password and receive the token using Python.
You can find the different authentication flows relevant for an application type and topology in this Azure AD article. The article links to the protocol overview for the authentication flows if you choose to implement.
There is also the ADAL Python auth library for Azure AD which you can use to do these flows.
Based on your scenario, you have a few options. If your client app can authenticate directly with Azure AD, you can take a look at the client credentials flow sample. If your application needs a user to authenticate and can have the user authenticate interactively, you can check out this auth code flow sample. Finally, if you must use the user's credentials to authenticate programmatically(without user interaction) in the app, you can refer to the resource owner password flow, but this is not encouraged as mentioned in the other answer.
What you are describing is the OAuth 2 Resource Owner Password Credentials Grant flow.
Note: using this one is in general a really bad idea and some other flow should be considered instead.
What you are doing here, is sending POST request containing user credentials in clear text directly to the authentication endpoint. Thus bypassing all possible added security that might be put in place.
Also, it will not work when
MFA is enabled for the user
User is federated or a MS account
This flow has no way to handle expired passwords
Consider some other authorization flow if possible, you got e.g.
Authorization code flow
Implicit grant flow
Client credentials flow
Device authentication flow
See this link to help you select which flow to use.
I am starting work on a project that will involve sending an auto generated email to a user. I am (most likely) going to build the application using Python and Django and host it as an Azure web app. The outgoing email address (hello#example.com) is hosted on Office 365. After some digging it looks like the recommended method of sending emails is the 365 Outlook API. All the documentation shows how to authenticate using AAD for a user that is logging in. However, I need to access the same email address regardless of who is using the web app.
Is there a way to securely get access to an AAD token on the backed of the server without storing a password in plaintext? Preferably the it would be in Python or REST but if need be I can switch technologies.
You can create an app only following Client Credentials Grant flow, leveraging which you can authenticate and authorize for AAD in backend.
Here is a code sample on GitHub https://github.com/Azure-Samples/active-directory-python-graphapi-oauth2-0-access, which builds an app-only app leveraging AAD in Django.
Any further concern, please feel free to let me know.
I have a Python App Engine application where a user can log in using foursquare, then they must log in using Hunch. This all works fine but now I am trying to allow the user to authenticate on the android device. I don't want the user to have to log in to both 4sq & hunch on the phone so I want them to be able to authenticate with my backend and from there this would log on on their behalf. Is there anywhere where I could find tutorials on something like this? Should I create a custom authentication on my app or allow the user to sign on using their Google Account?
If they've already authenticated with your app, and set up oauth tokens with foursquare and Hunch, you can use this pattern to authenticate with your app.
There's no way to authenticate 'on their behalf' with your app short of asking the user for their credentials. If there were, any app would be able to impersonate you to any service you use.