Using Basic Authentication in Exchange?

by Aug 29, 2022

Using Basic Authentication in Exchange? From Okt 1 that will not be possible anymore!

Someone that has been looming for a while is happening starting from Oktober 1: Depreciation of Basic Authentication in Exchange Online.

See the blog post of the Exchange team for tips and how to see if you are affected:

https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-may-2022/ba-p/3301866?WT.mc_id=AZ-MVP-5003249

What is Basic Auth?

It is one of the simpelst way of authentication using an Authorization header in your HTTP request. The header contains the word Basic, followed by a space and a base64-encoded string username: password.

For example, to authorize as username / Pa$$w0rd the client would send:

Authorization: Basic AXVubzpwQDU1dzByYM==

Base64 encoding does not mean encryption or hashing! You can reverse encode it! So, you are basically sending your credentials as clear text over the line!!! That is why it isn’t a safe way if the connection is not encrypted. So always use an HTTPS connection when using this or much better use a different authentication method.

#
Remy van Duijkeren

Remy van Duijkeren

Power Platform Advisor

Microsoft Power Platform Advisor with over 25 years of experience in IT with a focus on (marketing) automation and integration.

Helping organizations with scaling their business by automating processes on the Power Platform (Dynamics 365).

Expert in Power Platform, Dynamics 365 (Marketing & Sales) and Azure Integration Services. Giving advice and strategy consultancy.

Services:
– Strategy and tactics advise
– Automating and integrating

Subscribe to
The Daily Friction

A daily newsletter on automation and eliminating friction

Related Content

I see your comment. And I see AI fingerprints all over it.

I see your comment. And I see AI fingerprints all over it. You know the ones where you think: Bro... did you even read my post? πŸ˜… I get it. We want engagement. We want the algorithm to give us more eyeballs. But fake engagement is still fake. Here’s what happens when...

read more

Abstract the abstraction 🀯.

Abstract the abstraction 🀯. .NET devs, we love our patterns... maybe too much. For a simple CRUD app, I've seen: Repositories – because obviously we can't query directly, that's too mainstream UnitOfWork – like transactions, but now with extra ceremony Services –...

read more