Blog Post

Exchange Team Blog
5 MIN READ

Basic Authentication Deprecation in Exchange Online – September 2022 Update

The_Exchange_Team's avatar
The_Exchange_Team
Platinum Contributor
Sep 01, 2022
One month from today, we’re going to start to turn off basic auth for specific protocols in Exchange Online for customers who use them. Since our first announcement nearly three years ago, we’ve se...
Updated Jan 01, 2023
Version 16.0
announcements
exchange online
security
omada_david's avatar
omada_david
Copper Contributor
Sep 15, 2022

Hi The_Exchange_Team 

 

We would like to migrate our server applications to use the https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#sasl-xoauth2 auth method to send mails using SMTP.  To do that we need to obtain an access token using a non-interactive token grant flow.

Unfortunately, Exchange Online does not allow us to use https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow to get an access token from AAD and then send the token to Exchange using the https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#sasl-xoauth2 protocol.
See the following doc:https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#smtp-protocol-exchange.
 
When will the https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow be supported for Exchange Online?
 
Until then, what non-interactive OAuth token grant flow do you recommend that we use for sending emails using SMTP?

Regards,

David