Only show these results:

Couldn't Exchange OAuth Code for a Microsoft Refresh Token

When authenticating with Nylas using Office365 OAuth, users may sometimes receive the following error after authentication:

Couldn't exchange OAuth code for a Microsoft refresh token

You will notice in the callback URL at the top of the browser has M.R3_BAY... or M.R2_BAY referenced in it.

The end-user is trying to authenticate one of these accounts:

  • Office 365 family
  • Office 365 personal
  • Office 365 free
  • They are with a private group

Azure AD does not support these account types, and OAuth will fail.

Solution Office 365 Refresh Token

Use Basic authentication instead of Modern or Oauth. If using Hosted Authentication you can fool the Authentication workflow into basic by typing in nonsensical email for example, gobbly@wobblyjumper.no into the login_hint (email) prompt, you will then be provided with all the provider options.