{"slug": "connect-outlook-or-apple-mail-to-an-agent-account", "title": "Connect Outlook or Apple Mail to an Agent Account", "summary": "Nylas has released Agent Accounts in beta, enabling AI agent mailboxes to be accessed via standard email clients like Outlook and Apple Mail through IMAP and SMTP. The feature uses a single mailbox that syncs between the API and protocol access, with an app password for authentication and bcrypt-hashed credentials. Actions taken in email clients trigger webhooks identical to API operations, ensuring consistent event tracking.", "body_md": "Before: the only way to see what your AI agent was emailing customers was to query the API and squint at JSON. After: your support lead opens Outlook, and the agent's mailbox sits in the sidebar next to their own — every thread readable, every draft reviewable, replies sendable from the agent's address when a human needs to step in.\n\nThat's what protocol-level access gives you. [Nylas Agent Accounts](https://developer.nylas.com/docs/v3/agent-accounts/mail-clients/) (currently in beta) are primarily API-driven mailboxes for agents, but you can also expose any account over IMAP and SMTP submission. The killer detail: IMAP and the API read and write the *same* mailbox. A flag change, folder move, or delete through either surface shows up on the other within seconds.\n\nMail clients can't authenticate with your API key, and they shouldn't. Instead, you set an `app_password`\n\non the grant — the credential clients use for IMAP LOGIN and SMTP AUTH. Without it, both protocols reject authentication entirely, which is a sensible default: protocol access stays off until you opt in.\n\nYou can set it at creation time:\n\n```\nnylas agent account create agent@yourdomain.com --app-password \"MySecureP4ssword!2024\"\n```\n\nOr via the API:\n\n```\ncurl --request POST \\\n  --url \"https://api.us.nylas.com/v3/connect/custom\" \\\n  --header \"Authorization: Bearer $NYLAS_API_KEY\" \\\n  --header \"Content-Type: application/json\" \\\n  --data '{\n    \"provider\": \"nylas\",\n    \"settings\": {\n      \"email\": \"agent@yourdomain.com\",\n      \"app_password\": \"MySecureP4ssword!2024\"\n    }\n  }'\n```\n\nThe requirements are strict: 18 to 40 characters, printable ASCII only, with at least one uppercase letter, one lowercase letter, and one digit. The password is stored as a bcrypt hash — you can't retrieve it later, only reset it by updating `settings.app_password`\n\n. Rotating it disconnects active clients on their next authenticated command, which doubles as a clean kill switch if a credential leaks.\n\nEvery mainstream client — Outlook, Apple Mail, Thunderbird — takes the same five fields:\n\n| Setting | Value |\n|---|---|\n| IMAP server |\n`mail.us.nylas.email` (US) or `mail.eu.nylas.email` (EU) |\n| IMAP port |\n`993` (implicit TLS) |\n| SMTP server | same hosts as IMAP |\n| SMTP port |\n`465` (implicit TLS) or `587` (STARTTLS) |\n| Username / password | the agent's email address / the `app_password`\n|\n\nTLS is required on every port. The mailbox advertises IMAP SPECIAL-USE attributes, so clients automatically map the six system folders — `INBOX`\n\n, `Sent`\n\n, `Drafts`\n\n, `Trash`\n\n, `Junk`\n\n, `Archive`\n\n— to the right places, and custom folders created through the API appear as additional IMAP mailboxes (and vice versa).\n\nThis is where the single-mailbox design pays off. Every action flows through the same storage and fires the same webhooks no matter which surface initiated it:\n\n`message.created`\n\n.`unread`\n\nfield flips, firing `message.updated`\n\n.`message.created`\n\n— identical to a send through `POST /messages/send`\n\n.The full mapping is worth scanning, because it's the part that makes the human-oversight story credible — everything a person does in a client becomes an event your application can observe:\n\n| Action | Visible in | Webhook fires |\n|---|---|---|\nStar via IMAP `STORE`\n|\nAPI `starred` field |\n`message.updated` |\n| Move message via IMAP | API `folders` field |\n`message.updated` |\nDelete via IMAP `EXPUNGE`\n|\nAPI (message moved to trash) | `message.updated` |\n| Create folder via IMAP | API `GET /folders`\n|\n`folder.created` |\n| Update message via API | IMAP (flags update, IDLE push) | `message.updated` |\n\nThere's even dedup at the protocol layer: IMAP `APPEND`\n\nchecks the MIME `Message-ID`\n\nheader, so a message just sent over SMTP doesn't get duplicated when the client appends it to Sent. And both send paths use the same outbound pipeline, so there's no deliverability reason to prefer one over the other.\n\nThreading survives the protocol hop too. SMTP submission preserves the original `Message-ID`\n\n, `In-Reply-To`\n\n, and `References`\n\nheaders exactly as the client set them — so when a human replies from Thunderbird inside a conversation the agent started over the API, the recipient sees one coherent thread, and so does the agent the next time it fetches it.\n\nBoth SMTP ports take the same credentials and the same full MIME message; they differ only in how the TLS session starts:\n\n| Port | Encryption | When to use |\n|---|---|---|\n`465` |\nImplicit TLS — the connection starts encrypted | Most modern clients; simpler, no STARTTLS negotiation |\n`587` |\nSTARTTLS — starts plaintext, upgrades to TLS | Clients that only support the submission port with STARTTLS |\n\nIf your client asks you to choose an encryption mode, pick \"SSL/TLS\" for ports 993 and 465, and \"STARTTLS\" for 587.\n\n| Limit | Default |\n|---|---|\n| Max outbound message size | 40 MB, enforced at the SMTP `DATA` command |\n| Concurrent IMAP connections per grant | 20 |\n| IDLE timeout | 30 minutes (client re-issues IDLE) |\n| Idle connection timeout | 5 minutes outside of IDLE |\n| Storage quota | per grant, reported via the IMAP `QUOTA` extension |\n\nThe 20-connection cap matters if a whole team supervises one agent mailbox — modern clients open multiple connections each, so five or six simultaneous users can brush against it.\n\nAutonomous email agents need a human escape hatch, and \"build a custom review UI\" is a tax most teams shouldn't pay on day one. A mail client *is* a review UI — battle-tested, familiar, and already on everyone's machine. The hybrid workflow the docs describe is exactly this: the agent handles routine messages via the API while a human reviews edge cases or replies from a familiar client, with webhooks keeping your application informed of everything the human does. It's also the fastest debugging tool you'll find — when the agent misfiles a message, you can watch it happen live in Thunderbird.\n\nTry it this week: add an `app_password`\n\nto one existing agent grant, connect Apple Mail or Thunderbird with the settings table above, and move a message between folders from each side. Watching the other surface update in real time makes the shared-mailbox model click. Full details in the [mail client access guide](https://developer.nylas.com/docs/v3/agent-accounts/mail-clients/).", "url": "https://wpnews.pro/news/connect-outlook-or-apple-mail-to-an-agent-account", "canonical_source": "https://dev.to/qasim157/connect-outlook-or-apple-mail-to-an-agent-account-2akf", "published_at": "2026-06-15 14:59:08+00:00", "updated_at": "2026-06-15 15:07:11.349981+00:00", "lang": "en", "topics": ["ai-agents", "developer-tools", "artificial-intelligence"], "entities": ["Nylas", "Outlook", "Apple Mail", "Thunderbird", "IMAP", "SMTP"], "alternates": {"html": "https://wpnews.pro/news/connect-outlook-or-apple-mail-to-an-agent-account", "markdown": "https://wpnews.pro/news/connect-outlook-or-apple-mail-to-an-agent-account.md", "text": "https://wpnews.pro/news/connect-outlook-or-apple-mail-to-an-agent-account.txt", "jsonld": "https://wpnews.pro/news/connect-outlook-or-apple-mail-to-an-agent-account.jsonld"}}