Forum Discussion

StefanFried's avatar
StefanFried
Steel Contributor
Mar 06, 2020

Basic Auth - Reporting WebService (reports.office365.com )

hi community..

 

i need some help in understanding the following situation.

In 2020, Microsoft will disable Basic Auth in Exchange Online.  I would assume that this would affect also the reportingwebservice....right ?

https://docs.microsoft.com/en-us/previous-versions/office/developer/o365-enterprise-developers/jj984328(v=office.15)

 

until now i use basic auth to pull messagetrace data via the following call....

e.ghttps://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace?$format=json

 

so far so good.

today i have created in my lab a policy which blocks ALL basic auth in exchange online and have assigned it to the user account i use for the rest call.

 
 

AllowBasicAuthActiveSync : False
AllowBasicAuthAutodiscover : False
AllowBasicAuthImap : False
AllowBasicAuthMapi : False
AllowBasicAuthOfflineAddressBook : False
AllowBasicAuthOutlookService : False
AllowBasicAuthPop : False
AllowBasicAuthReportingWebServices : False
AllowBasicAuthRest : False
AllowBasicAuthRpc : False
AllowBasicAuthSmtp : False
AllowBasicAuthWebServices : False
AllowBasicAuthPowershell : False

 

HOWEVER, i'm still able to pull the report via basic auth.

why ? 🙂

 

Questions:

- What's the reason ?

- If basic auth really can't be used anymore for this reporting service, HOW can i access the messagetrace information in an automatic way...so what alternatives do i have ?

(i need just message trace information and not mailing data via graph where i would need to access every single mailbox)

 

thank you 

stefan

 

Resources