Basic Auth - Reporting WebService (reports.office365.com )

Highlighted
Super Contributor

hi community..

 

i need some help in understanding the following situation.

In 2020, Microsoft will disable Basic Auth in Exchange Online.  I would assume that this would affect also the reportingwebservice....right ?

https://docs.microsoft.com/en-us/previous-versions/office/developer/o365-enterprise-developers/jj984...

 

until now i use basic auth to pull messagetrace data via the following call....

e.ghttps://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace?$format=json

 

so far so good.

today i have created in my lab a policy which blocks ALL basic auth in exchange online and have assigned it to the user account i use for the rest call.

 
 

AllowBasicAuthActiveSync : False
AllowBasicAuthAutodiscover : False
AllowBasicAuthImap : False
AllowBasicAuthMapi : False
AllowBasicAuthOfflineAddressBook : False
AllowBasicAuthOutlookService : False
AllowBasicAuthPop : False
AllowBasicAuthReportingWebServices : False
AllowBasicAuthRest : False
AllowBasicAuthRpc : False
AllowBasicAuthSmtp : False
AllowBasicAuthWebServices : False
AllowBasicAuthPowershell : False

 

HOWEVER, i'm still able to pull the report via basic auth.

why ? :)

 

Questions:

- What's the reason ?

- If basic auth really can't be used anymore for this reporting service, HOW can i access the messagetrace information in an automatic way...so what alternatives do i have ?

(i need just message trace information and not mailing data via graph where i would need to access every single mailbox)

 

thank you 

stefan

 

1 Reply
Highlighted

Interesting. It took ~ 12 hours until it became active.

 

so does this mean that the reporting webservice will be deprecated with the start of the global basic auth disablement - mid 2020 ?