Support for Unattended scripting in delegation scenarios for Exchange Online Powershell EXOV2 module

Copper Contributor

Currently we use EXO V1 module for unattended scripting in delegation scenarios.

We use refresh tokens to create a session via the following commands -



$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "" -Credential $credential -Authentication Basic -AllowRedirection



The refresh token is obtained by making a POST call to[azure_tenant_id]/oauth2/v2.0/token with clientID and clientSecret.

Since the support for EXO V1 with basic Authentication will be deprecated starting October 2022, we want to move to EXO V2 module. We went through the documentation of EXO V2 module and did not find anyway how unattended scripting in delegation scenarios are supported.

Could you help us how we could use unattended scripting in delegation scenarios for Exchange Online Powershell EXO V2 module?

5 Replies
If you are using client secret, that's not a delegated access scenario. The V2 module natively supports certificate-based auth for unattended app scenarios:
Connecting via client secret is not officially supported, but works just fine by using the exact same method you're leveraging already. That's not considered basic authentication, and will not be deprecated coming October (note the BasicAuthToOAuthConversion query parameter!).
If you want to get rid of that part too (WinRM dependence), you can use the latest preview version:

Thanks @Vasil Michev

We use Secure app model as documented in
However the refresh token is fetched via the API[azure_tenant_id]/oauth2/v2.0/token 
Here clientID and clientSecrets are the azure application secretId and value. This is the application which is in a different account and has the delegated access

We will checks and evaluate the latest preview version which gets rid of WinRm if that works for us.

Thank you.


Oh, you mean partner scenarios, gotcha. In any case the latest version has all the goodies, try it. They might even announce GA today at MEC, or maybe at Ignite :)

Thanks @Vasil Michev 

I was trying to use the preview version of EXO v2 servlet. I was not able to use it with unattended scripting for partner/delegation scenarios. Is there a document that describes this use-case?

I tried with the parameter -DelegatedOrganization parameter, however this opens up a web page for sign-in. I tried by suppling the -Credential parameter where the credential is the refresh OAuth token and this also errors out. 
Could you please help us out here?

Sorry, I don't have a partner account to play with, so I haven't tested this scenario.