≡ oauthProvider API

• Manifest file properties

≡ Add-on developer resources

• Introduction to add-on development

• "Hello world" extension tutorial

• Developer community

• Sample extensions (Github)

• Using Promises

• Additional resources on DTN

≡ Guides

• Vendoring 3rd party libraries

• Strategies to avoid using innerHTML

• Working with WebExtension events

• Using runtime messages

• Working with message lists

• Working with vCard contacts

• Converting extensions to Manifest V3

oauthProvider API

The oauthProvider API allows to manage OAuth authentication providers for Thunderbird to use when connecting to mail/address book/calendar services.

Manifest file properties

oauth_provider

[oauth_provider]

(object, optional)

– [Added in TB 140]

Describes an OAuth authentication provider for Thunderbird. You will need to have a client ID registered with the provider to use this API.

authorizationEndpoint

authorizationEndpoint

(string)

– [Added in TB 140]

OAuth authorization endpoint address.

clientId

clientId

(string)

– [Added in TB 140]

Identifies the OAuth client to the server.

hostnames

hostnames

(array of string)

– [Added in TB 140]

One or more hostnames which use this OAuth provider.

issuer

issuer

(string)

– [Added in TB 140]

A string to identify this provider in the login manager. This should match the hostname of the authorization endpoint, although that is not required.

redirectionEndpoint

redirectionEndpoint

(string)

– [Added in TB 140]

OAuth redirection endpoint.

scopes

scopes

(string)

– [Added in TB 140]

The scopes to request when using this OAuth provider.

tokenEndpoint

tokenEndpoint

(string)

– [Added in TB 140]

OAuth token endpoint address.

clientSecret

[clientSecret]

(string, optional)

– [Added in TB 140]

Identifies the OAuth client to the server.

issuerIdentifier

[issuerIdentifier]

(string, optional)

– [Added in TB 153]

The OAuth authorization server issuer identifier, as defined by RFC 9207. If provided, it must be an exact string match to what the provider gives in the iss field.

useExternalBrowser

[useExternalBrowser]

(boolean, optional)

– [Added in TB 153]

If the login flow should use the system web browser. If true, the redirectionEndpoint must be a loopback address, so an origin of http://127.0.0.1 or http://localhost.

usePKCE

[usePKCE]

(boolean, optional)

– [Added in TB 140]

If the authorization uses PKCE.