mirror of
https://github.com/cypht-org/cypht.git
synced 2026-04-25 04:56:03 +03:00
[GH-ISSUE #1846] 🚀 [Feature] Feature Request: Add Pre-Configured OAuth2 Support for Outlook.com/Hotmail (Like Thunderbird Does) #723
Labels
No labels
2fa
I18N
PGP
Security
Security
account
advanced_search
advanced_search
announcement
api_login
authentication
awaiting feedback
blocker
bug
bug
bug
calendar
config
contacts
core
core
devops
docker
docs
duplicate
dynamic_login
enhancement
epic
feature
feeds
framework
github
github
gmail_contacts
good first issue
help wanted
history
history
imap
imap_folders
inline_message
installation
keyboard_shortcuts
keyboard_shortcuts
ldap_contacts
mobile
need-ssh-access
new module set
nux
pop3
profiles
pull-request
question
refactor
release
research
saved_searches
smtp
strategic
tags
tests
themes
website
wordpress
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/cypht#723
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @photoevents on GitHub (Jan 27, 2026).
Original GitHub issue: https://github.com/cypht-org/cypht/issues/1846
Originally assigned to: @christer77 on GitHub.
Problem Statement
Currently, Cypht requires users to create their own Azure App Registration to use OAuth2 with Outlook.com/Hotmail accounts. However, personal Microsoft accounts (hotmail.com, outlook.com) cannot create Azure App Registrations - this functionality is only available to organizational/work accounts.
This creates an impossible situation:
This affects millions of potential Cypht users with personal Microsoft accounts.
How Thunderbird Solved This
Mozilla Thunderbird successfully implements OAuth2 for Microsoft accounts by pre-registering an Azure application on behalf of all users:
Thunderbird's Implementation:
9e5f94bc-e8a4-4e73-b8be-63364c29d753http://localhostHow it works:
Source references:
Proposed Solution for Cypht
Register a multi-tenant Azure AD application for Cypht:
Create Azure App Registration (requires Cypht organization account):
https://{user-domain}/?page=home(configurable)Mail.ReadMail.ReadWriteMail.SendUser.Readoffline_accessIMAP.AccessAsUser.AllSMTP.SendHardcode credentials in Cypht:
config/oauth2.phpUpdate UI:
Implementation Reference
Cypht already has the infrastructure for this in
config/oauth2.php:Changes needed:
Benefits
✅ Removes major barrier for millions of Hotmail/Outlook.com users
✅ Matches competitor functionality (Thunderbird, EM Client, etc.)
✅ No breaking changes - existing manual OAuth2 setup still works
✅ Better user experience - one-click setup like Gmail
✅ Future-proof - Microsoft won't bring back basic auth
Alternative Considered
Why "just use app passwords" doesn't work:
Similar Implementations
Other email clients that use pre-registered credentials:
9e5f94bc-e8a4-4e73-b8be-63364c29d753User Impact
Current workaround requires users to:
With this feature:
Questions for Maintainers
Related:
@IrAlfred commented on GitHub (Jan 29, 2026):
Thank you @photoevents for this feature request. We will take that into account.
@marclaporte commented on GitHub (Feb 1, 2026):
Thank you @photoevents for this very elaborate research.
@marclaporte commented on GitHub (Feb 1, 2026):
@photoevents This topic would be a great discussion for an upcoming https://github.com/cypht-org/cypht/wiki/Monthly-Community-Meetings
Can you join us?