How to use with fastmail?

[John-Gee]

Hello,

I'm trying this app and when I give the fastmail session url it says "Unknown error occured, please try again", whereas it worked fine with ltt.rs so I know the issue is not server-side.

Thank you!

[chibenwa]

We did not hard code the OAUTH provider for fastmail which is not compatible with OpenId Connect.

Please report the problem to fastmail and forward the ticket here: I would happily follow.

[John-Gee]

Alright, I sent you the ticket information by email, thanks a lot!

Also, just in case, I am talking about JMAP, not IMAP, not sure if it matters...

Thank you!

[chibenwa]

Thanks! We actually suffer from the lack of standards regarding authentication in the JMAP protocol.
TMail position on it is "If it do not support OIDC, then default to basicAuth" which is disabled by FastMail...
This is the core issue here.

[John-Gee]

Oh it's interesting that there are still standards issue there, I thought after a decade it'd all squared up.

[chibenwa]

Well auth part was removed of JMAP spec because there's tons of auth protocols around.
But nobody uses the same one.
Normalization for modern auth on top of email is underway but is slow as it involves IMAP...

[John-Gee]

This is the final reply I believe:

Hi, Our JMAP endpoint does not support basic auth, it only supports Bearer token authorization, either via OAuth (with pre-registered client id) or by manually creating an API token. We do not support OpenID Connect. Therefore it looks like there's no way to currently connect Twake-Mail to your Fastmail account, sorry. The issue of OAuth requiring pre-registration is well known in the email community, and we are working with other major vendors on a new autodiscovery mechanism and OAuth profile that will hopefully resolve this in the future. Kind regards, Neil.

[chibenwa]

Maybe the way around is to allow on the login page in Twake Mail to specify an Authorization Bearer token.

Could you please review the corresponding issue and confirm this is what you need?

#3455

[John-Gee]

Hmmm, in part yes in part I'm not sure.

I never get to a login/password page, and maybe that's my bad?
What I do is start the app, if I tap on Create Twake ID or Sign In it takes me to the official Twake Mail site, but since I'm not using Twake Mail as my mail provider that won't do, so I tap instead on Use company server, which then asks me only for my login e-mail no password, and the next page asks for the JMAP server to which i provide https://api.fastmail.com/jmap/session and that's where it fails.

Thank you!