msoauth

• msoauth
  • Features
  • Requirements
  • Installation
  • Configuration
  • Usage
  • Integration Example (NeoMutt)
  • License

A simple CLI tool for retrieving, refreshing, and printing Microsoft OAuth2 tokens via the Device Code flow. Useful for tools like NeoMutt with OAuth2-based accounts.

Features

• Authenticates using Microsoft OAuth2 Device Code flow
• Automatically saves/refreshes access tokens
• Prints access token for use in scripts or email clients
• Logs activity via tracing
• Friendly error messages and self-healing default mode

Requirements

• Rust (use rustup to install)
• A registered Azure AD app with the following:
  • client_id
  • tenant_id
  • client_secret
  • Scopes (e.g. https://graph.microsoft.com/.default)

Installation

cargo install --path .

Configuration

Create the file:

~/.config/msoauth/config.toml

With the contents:

client_id = "YOUR_CLIENT_ID"
client_secret = "YOUR_CLIENT_SECRET"
tenant_id = "YOUR_TENANT_ID"
scope = "https://graph.microsoft.com/.default"

To obtain these values:

1. Go to https://portal.azure.com
2. Navigate to Azure Active Directory > App Registrations
3. Register a new app
4. Under Overview, copy the Application (cliend) ID and Directory (tenant) ID.
5. Under Certificates & secrets, create a new client secret.
6. Under API Permissions. Add Microsoft Graph > Delegated | User.Read or other needed scopes.

Usage

msoauth --login         # Start device login flow
msoauth --refresh       # Refresh the token if expired
msoauth --print-token   # Print current access token (refresh if needed)
msoauth --clear-token   # Delete the saved token file
msoauth                 # Default, try refresh, fallback to login

Token is stored at:

~/.config/neomutt/token.json

Integration Example (NeoMutt)

set imap_pass="`msoauth --print-token`"

License

MIT