0
votes

In MC191153 it is stated:

Beginning October 13, 2020, we will retire Basic Authentication for EWS,EAS, IMAP, POP and RPS to access Exchange Online. Note: this change does not impact SMTP AUTH.

We are currently using basic authentication for MAPI over Http which is not mentioned.

Can we assume that, even after October 13, 2020 basic authentication for MAPI over Http will still be available.

2

2 Answers

0
votes

Yes, we have not announced any changes to MAPI protocol. Regardless, we encourage you to enable Modern authentication on Outlook clients and move away from BasicAuth on MAPI.

0
votes

MAPI will be affected. Keep in mind that the latest builds of Outlook no longer use Basic authentication against Office 365 mailboxes even if Basic authentication if enabled. If you previously could save Basic credentials using CredWrite() function, that will no longer work - MSEMS provider ignores the cached credentials and displays the authentication prompt at least once. This alone makes it impossible to use MSEMS provider if your code is running unattended, e.g. in a Windows service.

You can use the DisableADALatopWAMOverride registry key to force the MSEMS provider to always use Basic authentication, but once Basic authentication is turned off on the server level, OAuth will be your only choice. And there is no documented way to provide an access token to the MSEMS MAPI provider.