Update 11/3/2021: We have edited this post for clarity based on customer feedback.
Over the last few years, we have invested heavily in Microsoft Graph to enable developers to access the rich data available in Microsoft 365. Microsoft Graph, along with OAuth 2.0, provides increased security and seamless integration with other Microsoft cloud services.
In August 2018, we announced that we were no longer going to actively invest in Exchange Web Services (EWS) APIs for Exchange Online. We also gave a strong recommendation to start migrating to Microsoft Graph for Exchange Online data access.
Today we are announcing the deprecation of the 25 least used APIs of EWS for Exchange Online (as determined by the call volume into the service). We are deprecating these APIs to begin the process of reducing the surface area of the EWS protocol for maintenance and security purposes. Support for these APIs will no longer exist after March 31, 2022.
The list of deprecated APIs is at the end of this post. We will introduce sunset headers in the response for these APIs that are marked for deprecation.
In the coming months we will send Message Center posts to tenants we can see are using these low volume, and now deprecated APIs.
Over time, we will identify additional APIs for deprecation when and where we see adequate parity with Microsoft Graph APIs. We are also working hard on addressing feature gaps and building parity between EWS and Microsoft Graph APIs. We strongly urge our ecosystem partners accessing Exchange Online data to migrate to Microsoft Graph APIs.
We will also remove the ability to register new apps in Azure with EWS permissions starting September 30, 2022. Apps registered before this date, any API not mentioned in this, or subsequent announcements, will not be impacted.
EWS is a legacy API surface that has served us well, but no longer meets the security and manageability needs of modern app development. We strongly urge our ecosystem partners accessing Exchange Online data to migrate to Microsoft Graph APIs.