Office365 to disable basic authentication

Auron Software

On October 1st in 2022 Microsoft is going to disable basic authentication in Exchange Online and Office 365. With Auron Software, you won’t miss a single e-mail.

This change affects anyone currently integrating with Office 365 using SMTP, POP3, or IMAP. It’s no longer possible to simply specify a username and password to send or receive email. Instead, you are recommended to use Modern Authentication (OAuth2).

Microsoft office365 to disable basic authentication

In the following sections, we’ll cover how to prepare, how to configure OAuth2 in the Auron SMS Server and how to configure OAuth2 in the Auron E-mail Component.

How to prepare for OAuth2

In either case, you’ll need a client ID. This client ID identifies your application with Microsoft, ensuring that the Microsoft login page knows which application requires authentication.

Auron Software does not provide a generic client ID because client ID’s are vulnerable to spoofing attacks if they are leaked. In a spoofing attack, a hacker could pretend to be your application. That’s why it’s always much more secure to use your own client ID and to keep it confidential.

The next step is to make sure that SMTP, POP and IMAP is available on your Office365 account. Follow these instructions to confirm their availability.

For the Auron SMS Server

If you’re an Auron SMS Server customer, the next step is to verify your software version. Auron Software supports OAuth2 starting from version 2022, provided you have a professional or SMSC license.

You can verify this by starting the Auron SMS Server Manager and navigating to Help -> About.

Auron SMS Server - Version 2022
Auron SMS Server – Version 2022

If you’re not already using version 2022, you’ll need to upgrade. Before upgrading please review the release notes of version 2022 to get an overview of the changes and the upgrade instructions.

In version 2022 you can navigate to the channel settings of your e-mail channels and change the authentication setting to ‘OAuth’. For each channel you’ll always find the OAuth Authorizer which helps you grant access to the e-mail channel using your client ID.

And that’s it. You should now be all set and October 1st will pass without a hitch.

For the Auron E-mail Component

If you’re an Auron E-mail Component customer your component version should be 6.0 or higher, with either a Professional or Distribution license. If you’re not yet on version 6.0, you’ll need to upgrade.

Before upgrading please review the release notes for version 6.0 for an overview of the changes and the upgrade instructions.

If you’re on version 6.0, you can make use of the new OAuth2 object. This object helps you authenticate with OAuth2 and renew your bearer token.

Authenticate with OAuth2

Authenticating with OAuth2 involves directing the user to the Microsoft login page and obtaining your bearer token and refresh token.

To do this, you’ll need to know the endpoint URLs and scope values to configure. We’ve documented these values for Microsoft Office 365 here.

It’s also important to note that Office 365 only allows desktop applications to use the ‘Device Code Flow’. The OAuth2 object supports authentication exclusively for desktop applications.

Refreshing your bearer token

The OAuth2 object can assist with refreshing your bearer token. This process works in the background and does not require any user interaction. You can use it in both web applications and desktop applications.

Examples

The E-mail component examples now include a lot of OAuth2 related working examples.

With these examples and the new OAuth2 object you’ll be able to upgrade your applications and have October 1st pass without a hitch!