Basic Authentication Retirement for legacy protocols in Exchange Online

rerasmus

As a lot of companies make use of Office 365 and Exchange Online, osTicket must provide official OAuth 2.0 email authentication support by Oct 13, 2020 as Microsoft is dropping IMAP support. See the notice below.

Major Update: Announcement
Applies To: All customers
Updated February 7, 2020: Changed the Action by Date to accurately reflect October 13, 2020. Beginning October 13, 2020, we will retire Basic Authentication for EWS, EAS, IMAP, POP and RPS to access Exchange Online. Note: this change does not impact SMTP AUTH. There are several actions that you and/or your users can take to avoid service disruptions on client applications, and we describe them below. If no action is taken, client applications using Basic Authentication for EWS will be retired on October 13, 2020. Any application using OAuth 2.0 to connect to these protocols, will continue to work without change or interruption.
What do I need to do to prepare for this change?
You have several options on how to prepare for the retirement of Basic Authentication.
You can start updating the client applications your users are using to versions that support OAuth 2.0 today. For mobile device access, there are several email apps available that support Modern Authentication, but we recommend switching to the Outlook app for iOS and Android as we believe it provides the best overall experience for your M365 connected users. For desktop/laptop access, we encourage the use of the latest versions of Outlook for Windows and Outlook for Mac. All Outlook versions including, or newer than, Outlook 2013 fully support OAuth 2.0.
If you have written your own code using these protocols, you will need to update your code to use OAuth 2.0 instead of Basic Authentication, you can reach out to us on stack overflow with the tag exchange-basicauth if you need some help.
If you or your users are using a 3rd party application, which uses these protocols, you will either need to
reach out to the 3rd party app developer who supplied this application to update it to support OAuth 2.0 authentication
-or-
assist your users to switch to an application that’s built using OAuth 2.0.

ntozier

The devs are aware of this.

cparisi

+1 very urgent for us too.

vb01

When do you guys expect this to be completed? I am looking to migrate to OSTicket but I can't due to this reason. Microsoft is requiring us to use OAuth 2.0 instead of Basic Auth.

auronmessatsu

Hi guys, Our Microsoft TAM instructed us that in our hybrid environment with Azure AD, we have to enable modern authentication up to next year. This means that IMAP(S) and POP(S) protocols will be disabled for Office 365 accounts. Do you have news about this topic?

blueyeguy

+1 urgent for us as well.

greg2000

+1 urgent for me as well. Our organization just informed my that our email account will have Basic Authentication turned off in 3 months 6/21

KevinTheJedi

@auronmessatsu @blueyeguy @greg2000

We are still working on implementing this into the codebase. The way it will work is use OAuth2.0 to authenticate via IMAP/POP3 and SMTP.

Cheers.

Melville-Reid

Thanks for the update KevinTheJedi look forward to the completion.

98sadfy

KevinTheJedi It is a great news! Thank you.

Sindre100

Hi!

Any information on when this will be available?

Melville-Reid

Hi,
Any update regarding the OAuth2 integration?

KevinTheJedi

@Melville-Reid

Still in development but near the end. Will be coming soon, so please stay tuned.

Cheers.

Melville-Reid

KevinTheJedi Thank you for the update.

PaulFender

Is there an update? Thank you

ntozier

MS delayed due to Covid. They also said back in Feb:
"The first change is that until further notice, we will not be disabling Basic Auth for any protocols that your tenant is using."

More information about this topic here:
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-february-2021-update/ba-p/2111904

Vitoie

Any update?

jbrown

Also interested in this. We are switching from Spiceworks to osTicket. The main reason we do not like spiceworks is because it is basically forcing us to the cloud. We would rather keep something locally hosted that works with Oauth.

KevinTheJedi

@jbrown

Still in progress. Should be released early next year as part of a Release Candidate then a full release once tested.

Cheers.

bimaljr

I like to help on this. Please let me know the GIT repo so I will clone it and will make corrections.

KevinTheJedi

bimaljr

Our code for this is internal only right now. We will release a test build soon. Please stay tuned.

Cheers.