Outlook Mail Retriever

The tool uses your imported Refresh Token and Client ID to send direct requests to Microsoft OAuth endpoints to refresh the Access Token, then uses that token to call Microsoft Graph API to retrieve emails.

Yes, completely safe. This is a purely client-side tool without any backend database. All account information is stored locally on your device in your browser's local storage (localStorage). However, do not use it on public computers and keep your browser data secure.

Due to Microsoft Login endpoint security, if your Client ID is registered in Azure as a 'Web' app instead of a 'SPA (Single Page Application)', Microsoft will block direct browser-based token refresh requests. You can enable 'CORS Proxy' in settings, or install a browser Allow-CORS extension to resolve it.

You can register a free application in the Azure portal, grant it 'Mail.Read' and 'offline_access' permissions to get a Client ID, and direct users to complete OAuth login to get a Refresh Token. The tool also provides common public Client ID presets (like Azure CLI).

It is a text file format where each line represents an account, commonly separated by '----', e.g., 'Account----Password----ClientID----ClientSecret----RefreshToken'. You can match any column ordering with our custom parser mappings.