As previously announced, on October 1, 2022, Microsoft will permanently disable Basic Authentication (“Basic Auth”) for Office 365 Exchange email. Any accounts still configured or coded to use Basic Auth after that date will be unable to authenticate.

To read Microsoft's latest announcement about this upcoming change, visit Basic Authentication Deprecation in Exchange Online. The full list of protocols that may have been configured in the past with Basic Auth that need to be updated before October 1 includes: MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell.

Resources for OAuth2 Access Using IMAP/POP/SMTP

• Authenticate an IMAP, POP or SMTP connection using OAuth | Microsoft Docs 
  Configure authentication with IMAP, POP, or SMTP using OAuth2.

Get Started with Microsoft Graph

Authentication can also be configured using Microsoft Graph. Use these links to get started with Graph.

• Quick Start - Microsoft Graph 
  Learn how to an application and download samples in several different languages. (This is not email account-specific.)
• Microsoft Graph Fundamentals for Beginners | Microsoft Docs
  This is a good introductory online course on using Graph.
• Microsoft Graph REST API | Reference and toolkit 
  Detailed Microsoft Graph API Reference.

Set Up OAuth2 Access via Microsoft Graph

Once you are familiar with using Graph, these links will help with specific email setup.

• Use the Outlook mail REST API - Microsoft Graph v1.0 | Microsoft Docs 
  Access a mailbox using the Graph API. If you have a password for an account and are using IMAP, this is a resource on how to update using Graph API.
• Get Outlook messages in a shared or delegated folder using the Outlook mail API - Microsoft Graph | Microsoft Docs 
  Access a mailbox when you have an account with delegated access privileges.
• Send Outlook messages from another user using the Outlook mail API - Microsoft Graph | Microsoft Docs 
  Sending Email from another mailbox for which you have Send As or Send on Behalf permission. Note that, for the time being, Microsoft has not deprecated sending email with Basic Auth, though it is a good idea to modernize now for when that change takes place.

Configure OAuth2 Access Using Java

• Office365 OAuth2 Access Token for SMTP, IMAP, POP
• Office365 IMAP OAuth2 with Shared Mailbox

Configure Access Using Python

• Office365 IMAP with OAuth2 Authentication
• Office365 Send Email using SMTP with OAuth2 Authentication

Questions?

If you need additional assistance configuring your Cornell service or resource account to use OAuth2, contact the CIT Email and Messaging Team.