Click here to Skip to main content
12,758,918 members (27,725 online)
Click here to Skip to main content
Add your own
alternative version


6 bookmarked
Posted 27 May 2014

Authentication Using IMAP

, 27 May 2014 CPOL
Rate this:
Please Sign up or sign in to vote.
Authenticating an application using IMAP


Most applications have an authentication process, which gives a user authorization to use an application. Most commonly user credentials are stored in a database table or third party API's are used such as Facebook to authenticate users. In this article, I explain how IMAP authentication can be used to give users access to your application.

If your developing an application where user identity information is not necessary and you have email accounts on an IMAP server then you can use the login credentials for the email accounts to authenticate your users.

Consider the following scenario, you maintain a company application. When a new employee joins the company, they are given an email account by the network administrator. Your application can authenticate the employee using the employees email account, which means your application doesn't need to create login accounts. When an employee leaves the company, the network administrator disables their email account, which will in turn deny the employee access to your application. With this approach all user accounts as centralized. One of the disadvantages is that, no identity information for the user apart from the email address exists. In order for your application to be selective about which users can access your application, you will need a separate lookup data store such as a database or an XML data file. This approach will mainly suit applications where identity information is not required and anyone with a email account can access the application, such as a company message board where the email address can be used to identity the employee.

The code presented below uses the IMAP protocol and its LOGIN command to authenticate email accounts.
class ImapAuthentication {
    protected $con;

    public function __construct($host, $port){
        $this->con = fsockopen($host, $port, $errno, $errstr, 30);

    public function authenticate($username, $password){
        fwrite($this->con, 'A1 LOGIN ' . $username . ' ' . $password . PHP_EOL);
        return $this->getResponse();

    protected function getResponse(){
            $line = fgets($this->con);
            $segments = explode(' ', $line);
            if($segments[1] =='OK'){
                return true;
            }elseif($segments[1] =='NO'){
                return false;

Using The Code

$imapAuth = new ImapAuthentication('ssl://', 993);
$auth = $imapAuth->authenticate('username', 'password');

    echo 'Login Success';
    echo 'Login failed';

Note: For SSL connections you must have the php_openssl extension enabled

This brings me to the end of this article. Please feel free to leave your comments and suggestions. You can also follow me at


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Syed M Hussain
Web Developer
United Kingdom United Kingdom
No Biography provided

You may also be interested in...


Comments and Discussions

-- There are no messages in this forum --
Permalink | Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.170217.1 | Last Updated 27 May 2014
Article Copyright 2014 by Syed M Hussain
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid