Greg Taylor - EXCHANGE
Hi Greg, thanks for this - really helpful.
As part of the rush to stamp out basic auth before the Oct deadline, I was having a look through the sign-in logs of a tenant today. I noticed that some (possibly all - have only checked a few so far) basic auth ActiveSync sign-ins were showing "ROPC" in the authentication protocol field (which I assume means they're using the ROPC OAuth flow).
There are multiple of these going back a long way for a single iOS user. That makes me think these aren't an occurrence of the mechanism you described above and are instead just routine basic auth connections from devices that have not yet transitioned.
Am I right in thinking ROPC is also used for standard basic auth connections as well? As these are legacy auth, presumably they are HTTP auth requests "proxied" from Exchange Online to AAD, with EO initiating an ROPC flow to AAD in the background?
Just want to check my understanding so I can be sure I know what's going on.
Thanks in advance