Multi Factor Authentication CLI
Simple CLI tool to request and manage OAuth2 tokens. Can be used with mbsync
and msmtp
to receive and send mail with providers requiring OAuth2 authentication.
- Install Rust, either with your package manager or using rustup
- Install
mfauth
usingcargo
cargo install mfauth
- Test if it works by running
mfauth help
If you see a command not found
error, you can try putting $HOME/.cargo/bin
in your $PATH
.
- Run
mfauth init
to create an example configuration file in$HOME/.config/mfauth/config.toml
- Edit the configuration file (
$EDITOR $HOME/.config/mfauth/config.toml
) - Run
mfauth authorize <account>
to get a valid session (an access and refresh token), this will save this session in$HOME/.cache/mfauth/cache.toml
- Run
mfauth access <account>
to get a valid access token, this will automatically refresh tokens if needed - Configure your mail client to use
XOAUTH2
authentication and use mfauth to fetch the access tokens
Once in a while this might stop working if your session expires. If that happens, you can simply run mfauth authorize <account>
again and you're good to go!
A working account entry in the msmtp config using mfauth:
account microsoft
auth xoauth2
from username@outlook.com
host outlook.office365.com
passwordeval /home/user/.cargo/bin/mfauth access microsoft
port 587
tls on
tls_starttls on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
user username@outlook.com
Important: isync requires the cyrus-sasl-xoauth2
extension installed to support the XOAUTH2
authentication protocol.
This is an example of a working IMAPAccount
block using mfauth.
IMAPAccount microsoft
AuthMechs XOAUTH2
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host outlook.office365.com
PassCmd "/home/user/.cargo/bin/mfauth access microsoft"
Port 993
SSLType IMAPS
User username@outlook.com