Exchange Online token deprecation plan
If you're using Outlook add-ins that rely on legacy Exchange Online tokens, it's time to upgrade to Nested App Authentication (NAA) and Entra ID tokens to avoid breaking when tokens are eventually turned off. Microsoft has deprecated legacy Exchange Online user identity tokens and callback tokens in favor of more secure options as part of the Secure Future Initiative, and a timeline for deactivation is available.
Administrators should identify which add-ins need to be updated and contact the relevant ISVs or developers to obtain updates, while developers must check their add-in code to ensure related API calls are still valid.
It's recommended to implement updates as soon as possible, as add-ins are often essential to mission-critical tasks, and updates may take some time to deploy. By adopting NAA, you'll benefit from simple authentication and top-tier identity protection through APIs bespoke for use in Office hosts.
Note that this change only affects Exchange Online, and add-ins used in on-premises environments will not be impacted.
The post Exchange Online token deprecation plan originally appeared on M365 Admin.
Published on:
Learn more
Related posts
Updates on deprecating legacy Exchange Online tokens for Outlook add-ins
In April, we announced that Exchange tokens will be turned off by default for all tenants in October 2024. This has been updated and you shoul...
Big Change Coming in Authentication for Outlook Add-ins
Microsoft has recently announced a major change in authentication for Outlook add-ins, set to be implemented on April 9, 2024, which may catch...
New Nested App Authentication for Office Add-ins: Legacy Exchange tokens off by default in October 2024
Announcing the public preview of Nested App Authentication (NAA) and that legacy Exchange user identity tokens and callback tokens will be tur...
Update to Exchange callback tokens for Outlook add-ins
Learn how to prepare for the upcoming change to Exchange callback tokens and avoid any disruptions in your Outlook add-ins. The post Update t...
Connecting to Exchange Online PowerShell by passing an access token
December 2022 has been an exciting month for Exchange Online PowerShell as new improvements are added while news of the impending deprecation ...
Reminder: Basic Authentication deprecation in Office Apps
This post serves as an important reminder that Microsoft 365 Apps are set to disable server sign-in prompts that use Basic authentication in O...
Connecting to Exchange Online PowerShell by passing an access token
In this post, we explore how you can connect to Exchange Online PowerShell by passing an access token. December 2022 has been an eventful mont...
Basic Authentication Deprecation in Exchange Online – Autodiscover Protocol
In an effort to further enhance security measures, Basic authentication for the Autodiscover protocol will be turned off in Exchange Online. T...
Basic Authentication Deprecation in Exchange Online – September 2022 Update
Microsoft has announced that it will begin to phase out basic authentication in certain protocols in Exchange Online over the next few months....
Basic Authentication Deprecation in Exchange Online - #251
Microsoft is getting ready to deprecate Basic Authentication in Exchange Online on October 1st, and it's crucial to make changes to prepare fo...