For non-Gmail clients, Gmail supports the standard IMAP, POP, and SMTP protocols. The Gmail IMAP, POP, and SMTP servers have been extended to support authorization via the industry-standard OAuth 2.0 protocol.
IMAP, POP, and SMTP use the standard Simple Authentication and Security Layer (SASL), via the native IMAP
AUTH, and SMTP
AUTH commands, to authenticate users. The SASL XOAUTH2 mechanism enables clients to provide OAuth 2.0 credentials for authentication. The SASL XOAUTH2 protocol documentation describes the SASL XOAUTH2 mechanism in great detail, and libraries and samples which have implemented the protocol are available.
Incoming connections to the IMAP server at
imap.gmail.com:993 and the POP server at
pop.gmail.com:995 require SSL. The outgoing SMTP server,
smtp.gmail.com, requires TLS. Use port
465, or port
587 if your client begins with plain text before issuing the STARTTLS command.
Session length limits
Gmail POP sessions are limited about to 7 days. Gmail IMAP sessions are limited to about 24 hours. If the session was authenticated using OAuth credentials, it's limited to about the validity period of the access token used (usually 1 hour). A session in this context is one continuous TCP connection.
When the time elapses and the session expires, Gmail closes the connection with a message saying that the session expired. After that, the client can reconnect, authenticate again, and continue. If using OAuth, make sure that the access token used is valid (if you try to use an access token older than 1 hour, it might be invalid).
Libraries and Samples
Accessing mail using IMAP or POP and sending mail using SMTP is often done using existing IMAP and SMTP libraries for convenience. As long as these libraries support the Simple Authentication and Security Layer (SASL), they should be compatible with the SASL XOAUTH2 mechanism supported by Gmail.
The Libraries and Samples page provides code samples in a variety of popular languages using the SASL XOAUTH2 mechanism with either IMAP or SMTP.