Office 365 Connector
by @tirandagan
Office 365 / Outlook connector for email (read/send), calendar (read/write), and contacts (read/write) using resilient OAuth authentication. NOW WITH MULTI-ACCOUNT SUPPORT! Manage multiple Microsoft 365 identities from a single skill. Solves the difficulty connecting to Office 365 email, calendar, and contacts. Uses Microsoft Graph API with comprehensive Azure App Registration setup guide. Perfect for accessing your Microsoft 365/Outlook data from OpenClaw.
clawhub install office365-connectorπ About This Skill
name: office365-connector description: Office 365 / Outlook connector for email (read/send), calendar (read/write), and contacts (read/write) using resilient OAuth authentication. NOW WITH MULTI-ACCOUNT SUPPORT! Manage multiple Microsoft 365 identities from a single skill. Solves the difficulty connecting to Office 365 email, calendar, and contacts. Uses Microsoft Graph API with comprehensive Azure App Registration setup guide. Perfect for accessing your Microsoft 365/Outlook data from OpenClaw.
Office 365 Connector (Multi-Account Enhanced)
Overview
This skill provides resilient, production-ready connection to Office 365 / Outlook services including email, calendar, and contacts. Now with multi-account support (v2.0.0), you can manage multiple Microsoft 365 identities (work, personal, consulting, etc.) from a single skill installation.
It solves the common challenge of connecting to Office 365 from automation tools by providing OAuth authentication, automatic token refresh, per-account isolation, and comprehensive Azure App Registration setup guidance.
Perfect for:
New in v2.0.0: Multi-account support! See MULTI-ACCOUNT.md for complete usage guide.
Attribution: Enhanced by Matthew Gordon (matt@workandthrive.ai) - See CREDITS.md for full attribution.
What's New in v2.0.0
Major Enhancements by Matthew Gordon:
--account=name flag across all operationsSee CHANGELOG.md for complete version history.
Capabilities
Email Operations
Calendar Operations
Contact Operations
Quick Start - Multi-Account
Add Your First Account
cd skills/office365-connectorAdd account
node accounts.js add work you@work.com "Work account"Authenticate
node auth.js login --account=work
Add More Accounts
# Add personal account
node accounts.js add personal you@outlook.com "Personal"Add consulting account
node accounts.js add consulting you@client.com "Consulting"Set default
node accounts.js default workList all accounts
node accounts.js list
Use Your Accounts
# Check work calendar
node calendar.js today --account=workRead personal emails
node email.js recent 10 --account=personalSend from consulting account
node send-email.js send client@example.com "Subject" "Body" --account=consulting
Migrate from Single-Account Setup
Already using v1.0.0? No problem!
# Import your existing setup
node accounts.js import-legacyContinue using without changes (environment variables still work)
OR add additional accounts
node accounts.js add secondary
Prerequisites
Before using this skill, you must complete the Azure App Registration setup to obtain:
1. Tenant ID - Your Azure AD tenant identifier 2. Client ID - Your application (client) ID 3. Client Secret - Your application secret value
Setup time: ~10-15 minutes per account
See Setup Guide for complete step-by-step instructions.
Permission Validation
This skill requires the following delegated permissions (user consent required):
Email Permissions
Mail.Read - Read user emailMail.ReadWrite - Read and write access to user emailMail.Send - Send email as the userCalendar Permissions
Calendars.Read - Read user calendarsCalendars.ReadWrite - Read and write access to user calendarsContact Permissions
Contacts.Read - Read user contactsContacts.ReadWrite - Read and write access to user contactsProfile Permissions (required for authentication)
User.Read - Sign in and read user profileoffline_access - Maintain access to data (refresh tokens)IMPORTANT: Before proceeding with setup, confirm that you understand and approve these permissions. Each permission grants specific access to your Microsoft 365 data.
See Permissions Reference for detailed information about what each permission allows.
Configuration
Multi-Account Configuration (v2.0.0+)
Accounts are stored in ~/.openclaw/auth/office365-accounts.json with tokens in ~/.openclaw/auth/office365/.
Use the accounts.js CLI to manage:
node accounts.js list # List all accounts
node accounts.js add ... # Add account
node accounts.js remove # Remove account
node accounts.js default # Set default
Legacy Single-Account (Backward Compatible)
Environment variables still work for single-account use:
export AZURE_TENANT_ID="your-tenant-id"
export AZURE_CLIENT_ID="your-client-id"
export AZURE_CLIENT_SECRET="your-client-secret"
Or in OpenClaw config:
{
"env": {
"vars": {
"AZURE_TENANT_ID": "your-tenant-id",
"AZURE_CLIENT_ID": "your-client-id",
"AZURE_CLIENT_SECRET": "your-client-secret"
}
}
}
Authentication Flow
This skill uses OAuth 2.0 Device Code Flow for resilient authentication:
1. Request device code from Microsoft 2. Display user code and verification URL 3. User visits URL and enters code 4. Poll for token completion 5. Store access + refresh tokens (per-account) 6. Automatically refresh tokens when expired
Token storage: Tokens are securely stored in ~/.openclaw/auth/office365/ with mode 0600 (owner read/write only).
Usage Examples
Multi-Account Email Operations
# Read from default account
node email.js recent 10Read from specific account
node email.js recent 10 --account=workSearch in consulting account
node email.js search "proposal" --account=consultingSend from appropriate identity
node send-email.js send client@example.com "Update" "..." --account=consulting
Multi-Account Calendar Operations
# Check work calendar
node calendar.js today --account=workCheck personal calendar
node calendar.js week --account=personal
Account Management
# List all configured accounts
node accounts.js listCheck authentication status
node auth.js status --account=workRe-authenticate if needed
node auth.js login --account=work
Real-World Use Cases
Multiple Work Identities
Perfect when working across multiple organizations:
# Morning: Check all calendars
node calendar.js today --account=work
node calendar.js today --account=consulting
node calendar.js today --account=startupProcess emails by identity
node email.js recent --account=work
node email.js recent --account=consultingSend from appropriate account
node send-email.js send client@bigcorp.com "Proposal" "..." --account=work
Personal + Professional Separation
# Work hours: Work account
node calendar.js today --account=work
node email.js recent --account=workAfter hours: Personal account
node email.js recent --account=personal
Error Handling
The skill includes robust error handling for:
Rate Limits
Microsoft Graph API has rate limits:
The skill automatically handles throttling with exponential backoff.
Security Considerations
1. Token Security: Tokens stored with restricted file permissions (0600) 2. Per-Account Isolation: Each account has separate token storage 3. Scope Limitation: Request only the minimum required permissions 4. Refresh Tokens: Rotated automatically, old tokens invalidated 5. Client Secret: Never logged or exposed; stored with mode 0600 6. Multi-tenant: This setup is single-tenant (your organization only)
Troubleshooting
Multi-Account Issues
"No account specified and no default account set"
# Set a default account
node accounts.js default workOr always specify --account=
node calendar.js today --account=work
"Account not found"
# List available accounts
node accounts.js listAdd the missing account
node accounts.js add
Authentication expired
# Check status
node auth.js status --account=workRe-authenticate
node auth.js login --account=work
Common Issues
"AADSTS700016: Application not found in directory"
"AADSTS65001: User did not consent"
"AADSTS700082: Expired refresh token"
"403 Forbidden"
See Setup Guide and MULTI-ACCOUNT.md for detailed troubleshooting.
Limitations
Command Reference
Account Management
node accounts.js list # List all accounts
node accounts.js add [email] [desc]
node accounts.js remove # Remove account
node accounts.js default # Set default
node accounts.js import-legacy # Import v1.0.0 setup
Authentication
node auth.js login [--account=name] # Authenticate
node auth.js status [--account=name] # Check status
node auth.js token [--account=name] # Get access token
node email.js recent [count] [--account=name]
node email.js search "query" [--account=name]
node email.js from email@domain [--account=name]
node email.js read [--account=name]
Calendar
node calendar.js today [--account=name]
node calendar.js week [--account=name]
Send & Manage
node send-email.js send [--account=name]
node send-email.js reply [--account=name]
node cancel-event.js [comment] [--account=name]
Resources
Documentation Files
Microsoft Resources
Credits
Original Skill: office365-connector v1.0.0 from ClawHub Community
Multi-Account Enhancement (v2.0.0): Matthew Gordon (matt@workandthrive.ai)
Thank you to Matthew Gordon for contributing the multi-account enhancement that makes this skill significantly more useful for consultants, freelancers, and anyone managing multiple work identities!
See CREDITS.md for complete attribution.
License
Maintains compatibility with the original skill's licensing. See CREDITS.md for details.
βοΈ Configuration
Multi-Account Configuration (v2.0.0+)
Accounts are stored in ~/.openclaw/auth/office365-accounts.json with tokens in ~/.openclaw/auth/office365/.
Use the accounts.js CLI to manage:
node accounts.js list # List all accounts
node accounts.js add ... # Add account
node accounts.js remove # Remove account
node accounts.js default # Set default
Legacy Single-Account (Backward Compatible)
Environment variables still work for single-account use:
export AZURE_TENANT_ID="your-tenant-id"
export AZURE_CLIENT_ID="your-client-id"
export AZURE_CLIENT_SECRET="your-client-secret"
Or in OpenClaw config:
{
"env": {
"vars": {
"AZURE_TENANT_ID": "your-tenant-id",
"AZURE_CLIENT_ID": "your-client-id",
"AZURE_CLIENT_SECRET": "your-client-secret"
}
}
}
π Tips & Best Practices
Multi-Account Issues
"No account specified and no default account set"
# Set a default account
node accounts.js default workOr always specify --account=
node calendar.js today --account=work
"Account not found"
# List available accounts
node accounts.js listAdd the missing account
node accounts.js add
Authentication expired
# Check status
node auth.js status --account=workRe-authenticate
node auth.js login --account=work
Common Issues
"AADSTS700016: Application not found in directory"
"AADSTS65001: User did not consent"
"AADSTS700082: Expired refresh token"
"403 Forbidden"
See Setup Guide and MULTI-ACCOUNT.md for detailed troubleshooting.