X-MESSENGER-OAUTH2 failed: not-authorized RRS feed

  • Question

  • Hello All,

    I'm facing a problem when trying to login.

    I'm getting this exception:

    SASL authentication X-MESSENGER-OAUTH2 failed: not-authorized: 
    at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:337)
    at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:203)
    at org.jivesoftware.smack.Connection.login(Connection.java:348)
    at com.cre8.xmpp.client.XmppClient.login(XmppClient.java:51)
    at com.cre8.xmpp.main.AppStarter.main(AppStarter.java:44)

    My implementation is like this:

    SASLAuthentication.registerSASLMechanism("X-MESSENGER-OAUTH2", XMessengerOAuth2.class);
    ConnectionConfiguration configuration = new ConnectionConfiguration("xmpp.messenger.live.com", 5222, "messenger.live.com");
    connection = new XMPPConnection(configuration);
    connection.login("my-account@hotmail.com", "password");


    public class XMessengerOAuth2 extends SASLMechanism {
    	public XMessengerOAuth2(SASLAuthentication saslAuthentication) {
    	protected String getName() {
    		return "X-MESSENGER-OAUTH2";
    	protected void authenticate() throws IOException, XMPPException {
    		try {
    			String authenticationText = this.password;
    					new AuthMechanism(getName(), authenticationText));
    		} catch (Exception e) {
    			throw new XMPPException("SASL authentication failed", e);

    What am I doing wrong?

    Monday, March 19, 2012 12:30 PM


All replies

  • Do you still have this issue? I am wondering if this was some temporary issue.

    Regards!!! Navdeep Bawa

    Tuesday, March 20, 2012 12:43 AM
  • Yes, I still have this problem.

    Are there a solution? Am I doing something wrong?


    Tuesday, March 20, 2012 12:53 PM
  • Have you looked at our Messenger XMPP code samples via the XMPP code examples Help topic? Maybe they can help here...

    Live Connect developer documentation team

    Tuesday, March 20, 2012 6:11 PM
  • Yes, I have already looked at it.

    However, I would like to authenticate the client without the necessity of show a web page to the user.

    The example proposes to open a web page where the user can put their username and password. After that, in the redirect page I get the access token. It works fine, no problems.

    But I have a client running in Java ME and authenticate the user into a web page would be a problem.

    In Java ME I don't have a web view (like in Android) or something like this.

    Is there a way to authenticate without the web page or does anyone know a possible implementation in Java ME?

    Thanks a lot!

    Monday, March 26, 2012 5:33 PM
  • Hi Fabio, it looks like what you're asking is how to authenticate using credentials that have previously been collected from a user.  However, having your application access a user's credentials directly (rather than having them authenticate on login.live.com and receiving a token from that process) is not supported:

    Monday, March 26, 2012 6:04 PM