Basic Authentication Deprecation in Exchange Online – September 2022 Update

fhenrik - Multi-tenant app process also works. You create one multi-tenant app in partner tenant and use it to manage multiple customer tenants.

You will be able to authorize with Partner app certificate and will also be able to use EXO v2 Module with this approach as you wanted to use EXO v2 Module.

For this to work, for each customer tenant you will need to 1) provide admin consent to Multi tenant app 2) assign appropriate Azure AD role to this multi tenant app service principal created in step 1) . Please note step 1) and 2) need to be done for each customer tenant.

omada_david - 'Set-TransportConfig  -SmtpClientAuthenticationDisabled:$true' completely disables SMTPClientAuthentication - both Basic and OAuth. If you want to disable basic but allow SMTP OAuth for one user, then enable SMTPClientSubmission for the user using Set-CASMailbox, then assign an Auth Policy blocking SMTP Basic for that user. 

steveallen1977 - to add to what Nino said if I may, Auth Policies and what we're doing are not related. They have the same outcome, but they are not connected directly. If you need to keep using EWS, then you need to opt out of us turning it off. Or it won't work at all. Then, you can use Auth Policies to scope who can use EWS basic down some more. Set the Org Default to block, and then set up an Allow basic with EWS policy on the accounts you want to use it. That will make sure only a limited set of accounts can use it, until we come back in Jan and turn it off for good.