This is similar to the problem I encountered about a year ago, but now much worse. My main account is now immediately failing to log in with the following error:
Failed to obtain access token from address “https://login.microsoftonline.com/common/oauth2/v2.0/token”: Bad Request ({"error":"invalid_grant","error_description":"AADSTS9002313: Invalid request. Request is malformed or invalid. Trace ID: b35f40f0-335c-4c58-8f95-cb3893360100 Correlation ID: e294ba35-25ed-49c3-a220-6bc7c0615bb5 Timestamp: 2025-10-01 20:10:44Z","error_codes":[9002313],"timestamp":"2025-10-01 20:10:44Z","trace_id":"b35f40f0-335c-4c58-8f95-cb3893360100","correlation_id":"e294ba35-25ed-49c3-a220-6bc7c0615bb5","error_uri":"https://login.microsoftonline.com/error?code=9002313"})
I’m running Flatpak Evolution 3.58.0
I have tried using default settings along with all three application IDs listed here .
Hi,
sadly, changing the application ID is not enough on its own when the
previous token is already saved in the keyring.
Open Seahorse and there the Passwords. One of them will be “Evolution
Data Server - Office365[you@hotmail.com]”. Delete that entry and then
re-try in Evolution. It helped here.
I do not know why it happened, the EWS did not add any scope, thus the
invalid_grant is kinda weird to see here. If you’d open a bug in the Issues · GNOME / evolution-ews · GitLab I can try to do
something about that (like instead of giving up it should rather ask to
re-login to the account, just like if there was no saved credential).
I deleted and re-added my account. I was able to find a temporary bypass - if I use one of the application IDs (the first) with a tenant ID and default settings for other variables, I can log in by using Open in Browser, and copying the whole link.
It turns out my EWS Microsoft account was bugged - I tried to log in to check the tenant ID, and it was asking me for Microsoft authenticator codes, despite never having set up the authenticator. Any attempt to set up authentication required authentication - a real catch 22. Had to get IT to reset my MS authenticator settings before this would work.