Hi everyone,
With the ongoing deprecation of Basic Authentication by major providers like Microsoft Office 365 and Google, I know many CLI mail users are struggling to keep their headless setups working with modern OAuth2 requirements. I notice many users are relying on third-party scripts like oauth2ms or adapting mutt_oauth2.py to feed tokens to mbsync's PassCmd hook. I recently worked with the oidc-agent team to document a clean, native alternative. oidc-agent is a dedicated daemon (similar to ssh-agent) specifically designed to fetch and refresh OAuth2 tokens in the background. It securely handles encryption natively and supports the "Device Code" flow for completely headless servers. It can seamlessly feed a valid access token directly into mbsync using the standard PassCmd hook, without users needing to manually configure GPG pipes or manage token files. We just published step-by-step instructions on how to set this up here: https://indigo-dc.github.io/oidc-agent/usage/email-clients/ Would the maintainers be open to adding oidc-agent to the official documentation or wiki as a recommended OAuth2 helper? We believe this will give the community a much more robust option to keep using mbsync without disruption. I'd be happy to submit a patch for your docs if you are open to it! Best regards, Amin Mahnamfar
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ isync-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/isync-devel
