MicrosoftOn some of the comments here saying this is bad, while it's understandable the desire to disable basic auth outright, there are issues for many developers moving away from it.
In particular EWS applications cannot always move to using OAuth because this requires full_access_as_app permission for an application in Azure AD and many IT policies will block this as it's granting an application full access to ALL mailboxes.
While Graph API is preferred and provides granular mailbox permissions, this is a lot of time and investment to migrate to Graph API, and it has a number of issues. It also isn't support on-prem, so developers have to maintain both an EWS and Graph API implementation to support both on-prem and online installations.
