Help for Alpine - XOAUTH2
You are in Home > Miscellaneous > XOAUTH2

Contents

  1. Introduction
  2. Setting Up Alpine with Gmail
  3. Setting Up Alpine with Outlook
  4. Setting Up Alpine with Yahoo
  5. Setting Up Alpine with Yandex
  6. Other Providers

Introduction to XOAUTH2

XOAUTH2 is a special way in which you allow a program access to your data. The idea of XOAUTH2 is to create the illusion of security by allowing only temporary access to a user to their own data.

The idea is simple. If a user can authenticate to a server, then that user is given a key that allows the user to create temporary passwords. These passwords are only valid for a short period of time and they must be renewed constantly in order for the user to keep having access to their data. This revalidation is done without the user noticing.

The key given by the server must be saved securely. If you share that key you are sharing access to your data, so all efforts must be made to keep that key secure.

Setting Up Alpine with Gmail

Explaining what is going on with Gmail is a little bit long. I have had to modify the directions to set up Alpine with XOAUTH2 several times and I am not confident that these directions will not have to be modified in the future. These directions are good at the moment of this writing. If they stop working, please let me know.

The process you will have to follow can be roughly divided into three steps.

Fortunately Google allows you get your own Client-Id and Client-Secret. There is a moment later on that you will have to make a decision based on if you are registering Alpine for reading email in a personal Gmail account, or if you are registering Alpine to read school or work email. The process for both cases is very similar, and we will explain the differences below.

If you are getting a client-id and client-secret to access email in your organization (school or work, generally referred to as a G-Suite account), then Alpine becomes an internal app, and if you are getting a client-id and client-secret to access your personal email, then Alpine becomes an external app.

Each of the links in the next steps will take you to a full explanation, with images, on how to accomplish that specifc step.

Setting Up Alpine with Outlook

The process to set up Outlook is much simpler, and is descibed in Setting Up Alpine with Outlook.

Setting Up Alpine with Yahoo!

The process to set up Yahoo uses the authorize method. In order to use XOAUTH2 with Yahoo! set up your inbox-path and smtp servers as follows

inbox-path = {imap.mail.yahoo.com/ssl/user=yourid@yahoo.com/auth=xoauth2}INBOX
smtp-sever = smtp.mail.yahoo.com/ssl/user=yourid@yahoo.com/auth=xoauth2

You can replace /auth=xoauth2 by /auth=oauthbearer, if you wish. Alpine supports both methods.

Once you have followed the link given to you by Alpine, and authorized Alpine to access your email, you will be given a code. Copy the code, close the window where you were given the code, and enter the code into Alpine.

Alpine will use the code you obtained to obtain a refresh token and your first access token.

Setting Up Alpine with Yandex

The process to set up Yandex is very similar to setting up XOAUTH2 with Gmail, and is descibed in detail at Setting Up Alpine with Yandex.

Setting up XOAUTH2 in other providers

Setting up Alpine with other providers (such as AOL, for example) is not possible at this time. If you know of documentation that will let me add support for any other providers, please let me know. Thank you.
You are in Home > Miscellaneous > XOAUTH2