KevinTheJedi
I deleted and re-added back the email and tried again it gives the same error
I have got it to work by adding a support email address to Global Admin or Application Administrator Roles, which is a security risk, but this worked means something missing as per application requires permissions, not sure where Azure or O365
Based on docs this permission is not enough:
User.Read, offline_access, IMAP.AccessAsUser.All, POP.AccessAsUser.All, and SMTP.Send.