@@ -3,8 +3,8 @@ documentation = This is a sample Email OAuth 2.0 Proxy configuration file. Confi
33 [Server setup] and [Account setup] sections below. You may delete any servers or accounts that you do not intend to
44 use. Documentation is provided inline, with example setups for Gmail and Office 365 (though you will need to enter
55 your own desktop app API client credentials in the accounts section). Use the `Reload configuration file` menu
6- option (or restart the proxy) to apply any changes.
7- warning = Do not commit changes to this file into a public repository (e.g., GitHub etc). While the proxy encrypts the
6+ option or send a SIGHUP signal (or restart the proxy) to apply any changes.
7+ warning = Do not commit changes to this file into a public repository (e.g., GitHub, etc). While the proxy encrypts the
88 OAuth 2.0 tokens it obtains and saves on your behalf, it cannot protect these against offline brute-force attacks.
99
1010
@@ -77,21 +77,22 @@ documentation = Accounts are specified using your email address as the section h
7777 reused from an existing source (such as another email client that supports OAuth 2.0), or you can register and use
7878 your own desktop app API client credentials. See https://developers.google.com/identity/protocols/oauth2/native-app
7979 and the Microsoft link below for details. Multiple accounts on the same server can use the same values for the
80- `client_id` and `client_secret` properties; just duplicate these in each account's entry below. Note that there are
81- also example account configurations for AOL and Yahoo Mail below, but these services are not currently accepting new
82- OAuth 2.0 client registrations with the mail access scope, so reusing existing credentials is the only option here.
80+ `client_id` and `client_secret` properties; just duplicate these in each account's entry below, or see the advanced
81+ `allow_catch_all_accounts` option. Note that while there are example account configurations for AOL and Yahoo Mail
82+ below, these services are not currently accepting new OAuth 2.0 client registrations with the mail access scope, so
83+ reusing existing credentials is the only option here.
8384
8485 Once the proxy is correctly configured, after the first successful use of an account its access token details will
8586 be cached for future use, encrypted with the IMAP/POP/SMTP password you used in your email client. By default this
8687 configuration file is reused for caching (so it must be writable), but you can specify a different location or
87- method using the proxy's `--cache-store` parameter. You do not need to add or edit cached values manually (i.e.,
88+ method using the proxy's `--cache-store` parameter. You should not add or edit cached values manually (i.e.,
8889 `token_salt`, `access_token`, `access_token_expiry`, `refresh_token` and `last_activity`); the proxy handles this.
8990
9091 The password used in your email client is not used for authentication with the actual email server (this is done via
9192 OAuth 2.0 in a web browser), so it can be different to your real account password, which is helpful for debugging.
9293 Please note, though, that all clients that use a particular account via the proxy should use the same IMAP/POP/SMTP
9394 password to avoid repeated re-authentication requests (which is the proxy's default behaviour when credential
94- decryption fails). See the proxy's README.md file for more information and further configuration options.
95+ decryption fails). See the proxy's README.md file for more information and the end of this file for further options.
9596
9697 Office 365 customisation:
9798 - Unlike other providers, Office 365 requires an OAuth 2.0 scope that explicitly specifies `offline_access` (shown
@@ -175,7 +176,8 @@ redirect_uri = http://localhost
175176client_id = *** your client id here ***
176177client_secret = *** your client secret here ***
177178
178- 179+ 180+ documentation = *** note: this is an advanced O365 account example; in most cases you want the version above instead ***
179181token_url = https://login.microsoftonline.com/*** your tenant id here ***/oauth2/v2.0/token
180182oauth2_scope = https://outlook.office365.com/.default
181183oauth2_flow = client_credentials
0 commit comments