0

I am trying to access gmail inbox to read the emails via php code.

$hostname = '{imap.gmail.com:993/imap/ssl/novalidate-cert}INBOX';
$inbox = imap_open($hostname, $username, $password) or die('Cannot connect to Gmail: ' . imap_last_error());

but getting below error.

imap_open(): Couldn't open stream {imap.gmail.com:993/imap/ssl/novalidate-cert}INBOX`

in some of solution there is option given to enable less secure apps. but gmail has no longer this setting enabled.

Try to lookout setting for less secure apps but this setting is no longer available.

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449
Pinal
  • 13
  • 1
  • If that setting is no longer available, then you should use the Gmail API instead. – M. Eriksson Jan 29 '23 at 12:21
  • @LindaLawton-DaImTo - Not sure what you mean here. First off, it's the IMAP, not SMTP they are trying to access. My point was that if Google have removed the option to allow less secure apps, what other choice do you have? If they don't allow authentication through username/password anymore, the only option is to use their API, no? _"Forcing people to use the Gmail api is not a good option for everyone"_ - Well, that's not really my decision. – M. Eriksson Jan 29 '23 at 13:23
  • You have two options the first of which is mentioned here. [Less secure apps & your Google Account](https://support.google.com/accounts/answer/6010255?hl=en#:~:text=Go%20to%20the%20Less%20secure,Allow%20less%20secure%20apps%20off.) You can create an apps password. The second option is to use [Xoauth2](https://developers.google.com/gmail/imap/xoauth2-protocol). Using the Gmail API can be a more complicated endeavor for a single use system that just simply needs to check mails or send them. The SMTP server and the IMAP server both have their place we dont always need the gmail api. – Linda Lawton - DaImTo Jan 29 '23 at 13:28
  • My point being simply if the Author wants info on the IMAP server there is really no reason to direct them to use a completely different system, your comment would not help and may just confuse them and lead them to research a system that they don't need. – Linda Lawton - DaImTo Jan 29 '23 at 13:30

1 Answers1

0

The issue is that google has removed the less secure app setting. Becouse of this you will need to either use an apps password or switch to using xoauth.

If you have 2fa enabled on your google account you can create an apps password and then just take that password and use it in place of your standard google password

imap_open($hostname, $username, $appspassword)

How I create an Apps Password in 17 seconds!

Xoauth2 is a little more complicated and involves registering an application with google and requesting authorization of the user. Let me know if you need a sample for that I may have something laying around.

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449