Hi!

> I would like to try the oauth2 mechanism to authenticate my users.
>
> [...]
>
> My Thunderbird client [...]

Not a Thunderbird/Dovecot expert here, so only talking about my experience.

We have a setup here with Dovecot supporting OAUTHBEARER & XOAUTH2 to allow our web-based interface (Open-Xchange) to use our SSO (also provided by Keycloak) and that works fine.

However, we also got questions from users about Thunderbird, so I had a quick look into it. From what I understand, from digging into https://bugzilla.mozilla.org/ and Thunderbird source code, Thunderbird is using a static list of OAuth2 providers, for which it stores the clientId/clientSecret/authorizationEndpoint/tokenEndpoint statically in its source code.

As a result, I think Thunderbird can't support OAuth2 for a standard Dovecot installation without patches... (But I would love to be proven wrong and be able to provide OAuth support to our users!)

Cheers,
Vincent

PS: Thunderbird hardcoded list: https://github.com/mozilla/releases-comm-central/blob/master/mailnews/base/src/OAuth2Providers.jsm
