Microsoft Basic Authentication Retirement

Microsoft will be retiring Basic Authentication for EWS, EAS, IMAP, POP and RPS. This means anyone using any application that doesn’t use ‘OAuth 2.0’ protocol for authorization will have access issues to Office 365 and Exchange Online.

However, Exchange Admins should note that this change does not impact SMTP AUTH. Also, these changes will effect beginning October 13, 2020 meaning plenty of time to upgrade.

Impact
This means come October 2020 there will be no connection to exchange online when you are using Outlook 2010 and certain versions of 2013.

There are several actions that you as an exchange admin and/or your users can take to avoid service disruptions on client applications. If no action is taken, client applications using Basic Authentication for EWS may be unable to connect after October 13, 2020.

The recommended scenario is to have a minimum of Outlook 2016. Also, use the Outlook App on iOS and Android when connecting to Office 365 or Exchange Online.

Start and ensure any third-party app in your environment is updated to OAuth 2.0 protocol. OAuth 2.0 has become the basic security protocol for mobile APIs development and for providing credentials to launch native applications.