Couldn't Exchange OAuth Code for a Microsoft Refresh Token
When authenticating with Nylas using Office365 OAuth, users may sometimes receive the following error after authentication:
Couldn't exchange OAuth code for a Microsoft refresh token
You will notice in the callback URL at the top of the browser has
M.R3_BAY... or M.R2_BAY referenced in it.
The end-user is trying to authenticate one of these accounts:
- Office 365 family
- Office 365 personal
- Office 365 free
- They are with a private group
Azure AD does not support these account types, and OAuth will fail.
Use Basic authentication instead of Modern or Oauth. If using Hosted Authentication you can fool the Authentication workflow into basic by typing in nonsensical email for example, [email protected] into the login_hint (email) prompt, you will then be provided with all the provider options.