sffoauth Request a new access_token using an existing refresh_token (note access_tokens are required to view/mod/zap data but are seldom valid for more than 1 hour) sffoauth -z wire/IMAP.GMAIL.OAUTH -c gmail_dotdot_feb17.json -t sff_dotdot -a -D | tee /tmp/sffoAccess-x Initial build - generate both refresh AND access (Manual process) sffoauth -z wire/IMAP.GMAIL.OAUTH -c gmail_dotdot_feb17.json -t sff_dotdot -1 -D | tee /tmp/sffoInit-x Just checking - not much sffoauth -z wire/IMAP.GMAIL.OAUTH -c gmail_dotdot_feb17.json -t sff_dotdot -k -D | tee /tmp/sffoChk-x oauth parameters for imapwiressl webwiressl and ipbdcastssl use-oauth: yes/no MUST be YES of course ! default: no oauth-credentials-file: (file in tables/cert) default: none oauth-token-file: (name of file to be stored in /fip/fix/goauth default: none oauth-scope: (list of one or more scopes, space sep) default: none oauth-scope:openid https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/appengine.admin https://www.googleapis.com/auth/sqlservice.login https://www.googleapis.com/auth/compute https://www.googleapis.com/auth/accounts.reauth oauth-flavour: or oauth-flavor: G-Google or M-Microsoft default: G oauth-refresh-script: oauth-refresh-script:/fip/bin/sffoauth -z wire/IMAP.GMAIL.OAUTH -c gmail_dotdot_2022mar7.json -t sff_dotdotmar7 -a -D These rarely change ... oauth-client-fiphdr (2 letter FipHdr code) default: IC oauth-shared-fiphdr (2 letter FipHdr code) default: IS oauth-access-fiphdr (2 letter FipHdr code) default: IA oauth-refresh-fiphdr (2 letter FipHdr code) default: IR oauth-expiry-fiphdr (2 letter FipHdr code) default: IX oauth-tenant-fiphdr (2 letter FipHdr code) default: IT oauth-scope-fiphdr (2 letter FipHdr code) default: IV oauth-authhost-fiphdr (2 letter FipHdr code) default: IH oauth-localhost-fiphdr (2 letter FipHdr code) default: IL oauth-localport-fiphdr (2 letter FipHdr code) default: IP Input switches : either -1 : get an access token from scratch (normally expects some manual interaction using a browser to accept authentication) or -a : get an access token using the refresh_token others : -D : display the transactions default: no otherwise the result will be logged in Fip ALL -n : name of a Parameter file in tables - you must specify subfolder and get the case right eg wire/IMAPWIRE_GMAIL -w : flavor/flavour - Google (for Gmail) - default - or Microsoft (for Office365) or use parameter "oauth-flavour:microsoft" or "oauth-flavor:google" -z : same as -n -v : version and exit Parameter file may have the same contents as an tables/wire/(IMAP) file or tables/mail/(SMTP) file Note that skip-balance-group and skip-balance-queue are used by 'sffoauth' to balance any changes to the tokens -- TROUBLE-SHOOTING 1. Google - refresh_token is zapped/disappears/is invalid - log into the Google Console for the Logon - second tab : https://myaccount.google.com/data-and-privacy - scroll down to 3rd party apps with account access REVOKE access to this particular App only - Cmd window - follow the instructions for generating a new refresh-token Version Control ; 0a-n 18jan22 chj original version ;i 21sep22 added balance ;jkl 20dec22 added MS Office365 as a flavour ;mn timeout on thru_socks_proxy (copyright) 2024 and previous years FingerPost Ltd.