Compare Revisions

Thunderbird 91.8.0, released 5th April 2022, converts Gmail accounts to OAuth 2.0 in compliance with Google's schedule for requiring this login method.

Thunderbird 91.8.0, released 5th April 2022, converts the authentication method of Gmail accounts to OAuth 2.0 to help users comply with [https://support.google.com/accounts/answer/6010255 Google's requirement of OAuth 2.0 for Gmail logins]. These changes are '''required''' by Google. {note} We recommend updating to the latest version of Thunderbird for the latest security fixes and many other bug fixes and improvements. However, if you want to continue using an old version of Thunderbird below 91.8.0 at your own risk, you will have to change the authentication method to ''OAuth2'' yourself. You can also use the following steps to double-check that your authentication method is actually set to ''OAuth2'': Do {button ≡} > {menu Account Settings} > {menu YourAccount} > {menu Server Settings} > {menu Authentication method} and ensure it is set to ''OAuth2''. {/note} {warning} '''Cookies and javascript must be enabled for OAuth 2.0 to work. If you have rejected cookies in Thunderbird, the OAuth process will fail because some cookies must be accepted to store data between page updates. You need to accept cookies at least temporarily using one of the methods described below.'''{/warning} == How to avoid or correct an OAuth failure caused by rejected cookies == First, verify your general setting for cookies in Thunderbird: * Do {button ≡} > {menu Preferences} > {menu Privacy & Security} > {menu Web Content}. * Look at the checkbox {menu Accept cookies from sites}. '''If {menu Accept cookies from sites} is ''not'' checked''', do one of the following and then go through the OAuth login process again: * '''Create an exception to accept cookies from Google:''' ** Click the nearby {button Exceptions…} button to open the ''Exceptions - Cookies'' dialog. ** In the '''Address of website''' input box, enter '''https://accounts.google<!---->.com'''. ** Pick {button Allow}, then {button Save Changes}. * '''Alternatively, accept ''all'' cookies:''' ** Set the checkmark for {menu Accept cookies from sites}. After you have gone through the OAuth process, if you prefer, you can again reject cookies, because receiving and sending mail will work with cookies rejected. But rejecting all cookies or removing the exception has the disadvantage that when the OAuth token for Gmail access expires at some date in the future, the OAuth dialog will show up and fail again until you accept the required cookies. For greater detail about cookies, see the article [[Privacy panel - Remote content and cookie settings in Thunderbird]]. == How to avoid or correct an OAuth failure caused by disabled javascript == * Do {button ≡} > {menu Preferences} > {menu General} > {menu Config Editor}. * Paste in '''javascript.allow.mailnews'''. * If you see a line which contains '''false''' you must change it to true by double clicking the double-headed arrow to the right. == Check if the proper authentication tokens are being saved == * Do {button ≡} > {menu Settings} > {menu Privacy & Security} > {menu Passwords}> {menu Saved Passwords}. ** If account authentication was set to OAuth2 and OAuth login was successful you should see entries for each username (gmail account) of the form : '''oauth://accounts.google<!--.-->com (https://mail.google<!--.-->com/)''' : {note}'''Note''': The oauth entry is an OAuth2 authentication token, and not a password.{/note} ;* If account authentication was set to OAuth2 and OAuth login was '''not''' successful, check password entries for the username of the following form and delete them : '''imap://imap.gmail<!--.-->com (imap://imap.gmail<!--.-->com)''' : '''smtp://smtp.gmail<!--.-->com (smtp://smtp.gmail<!--.-->com)''' If you're still having problems, you can [https://support.mozilla.org/questions/new/thunderbird/form ask a question in Thunderbird support].