Apple made a change to iCloud that marked third party connections as “unsafe” and would block users swiftly after connecting their iCloud email to said applications. This affects services like Context.IO, as we rely on an open IMAP connection to a mailbox in order for our system to fetch email for Context.IO powered applications.
For these reasons, we had to stop supporting iCloud accounts on ContextIO. However, we now support such accounts, but only if users setup two-factor authentication and use an app-specific password for apps powered by Context.IO.
To do this, users will need to:
- Users set-up their account for two-factor authentication (unfortunately this could take up to three days due to Apple’s security policy)
- Once two-factor authentication has been enabled, the user should be able to create an app-specific password for your application.
- Have the user enter this app-specific password when connecting their mailbox to your app via ContextIO
Warning: If a user signs up to a Context.IO powered app without two-step verification and an app specific password, their account will be marked as locked by Apple for security reasons. The user would then need to unlock their account, but if the user remains signed up in a ContextIO powered app, they will just go back to getting locked again.
From a dev standpoint, you will likely see this error when trying to fetch messages for an iCloud user:
“value”: “Error retrieving Message List. Retry later.”,
“Unable to connect to account due to credentials error”
Please note: This is not a Context.IO specific issue, this behavior happens to other applications that also connect to iCloud.
We would highly recommend adding some logic to your application that alerts users they must turn on two-step verification and use an app-specific password during user sign-up.