I might just highjack this slightly by asking Amin if oidc-agent is able to handly multiple accounts since this seems to be a limitation to oauth2ms, but not to oama etc.
Btw, I have come across the first admins disabling device code flow for authentication as microsoft apparently declares it a security risk (I can't cite any sources on this yet). best, P * Mahnamfar, Amin (SCC) <[email protected]> [2026-06-26 11:04]: > Hi everyone, > > > > With the ongoing deprecation of Basic Authentication by major providers like > Microsoft Office 365 and Google, I know many CLI mail users are struggling > to keep their headless setups working with modern OAuth2 requirements. > > > > I notice many users are relying on third-party scripts like oauth2ms or > adapting mutt_oauth2.py to feed tokens to mbsync's PassCmd hook. > > > > I recently worked with the oidc-agent team to document a clean, native > alternative. oidc-agent is a dedicated daemon (similar to ssh-agent) > specifically designed to fetch and refresh OAuth2 tokens in the background. > It securely handles encryption natively and supports the "Device Code" flow > for completely headless servers. > > > > It can seamlessly feed a valid access token directly into mbsync using the > standard PassCmd hook, without users needing to manually configure GPG pipes > or manage token files. > > > > We just published step-by-step instructions on how to set this up here: > > https://indigo-dc.github.io/oidc-agent/usage/email-clients/ > > > > Would the maintainers be open to adding oidc-agent to the official > documentation or wiki as a recommended OAuth2 helper? > > > > We believe this will give the community a much more robust option to keep > using mbsync without disruption. I'd be happy to submit a patch for your > docs if you are open to it! > > > > Best regards, > > Amin Mahnamfar > > _______________________________________________ > isync-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/isync-devel _______________________________________________ isync-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/isync-devel
