Update 12/12/2024: Please see our later blog post for updates on this subject.
Client Access Rules (CARs) help to control access to the Exchange Online organization. Now with new features, like Continuous Access Evaluation (CAE) that allows Azure Active Directory applications to subscribe to critical events, that can then be evaluated and enforced in near real time; you can have better control while also adding resiliency to your organization.
Today, we are announcing the retirement of CARs in Exchange Online, to be fully deprecated by September 2023.
We will send Message Center posts to tenants using client access rules to start the planning process to migrate their rules.
The CARs deprecation timeline is planned as follows:
How does this affect you?
If you do not currently use CARs, cmdlets will be disabled for your tenant after October 2022.
If you currently have CARs configured in your tenant you will be able to keep using them until September 2023, which provides you with time to migrate other, more resilient options.
Resources
Client Access Rules in Exchange Online
Continuous access evaluation in Azure AD
--The Exchange Team
You Had Me at EHLO.