Microsoft deprecation of Legacy Tokens for Authentication in February 2025
As part of Microsoft’s ongoing efforts to enhance security, legacy tokens for authentication will be deprecated and turned off on February 17th. This change may impact certain Outlook add-ins or applications that rely on legacy tokens for authentication.
|
Coming soon - While re-enabling legacy tokens ensures compatibility. For improved security, we will be making changes in the near future where our team will be implementing a new authentication method. This is the recommended approach from Microsoft. |
To ensure uninterrupted functionality, Administrators need to take the following steps to re-enable legacy tokens, if required.
Steps to re-enable Legacy Exchange Online Tokens
Our customers will need to complete the following steps.
Step 1. Connect to Exchange Online Powershell
- Connect to Exchange Online PowerShell.
- Open PowerShell.
- Run the command:
Import-Module ExchangeOnlineManagement
- To check you are on the latest version of the module, run the command:
Update-Module -NameExchangeOnlineManagement
- Run the command:
Connect-ExchangeOnline
- Sign in with your Microsoft 365 administrator credentials.
Step 2. Turn off legacy Exchange Online tokens
Next, you will need to turn on the legacy Exchange Online tokens on OR re-enable them.
Run the command:
Set-AuthenticationPolicy –AllowLegacyExchangeTokens -Identity "LegacyExchangeTokens"
This command will return success in response and turns on legacy tokens for the entire tenant. If an Outlook add-in requests a legacy token, it will be issued a token.
Administrators can manually re-enable legacy Exchange tokens, and the change may take up to 24 hours to propagate across your organization.
Frequent Asked Questions
Q. What if I don’t enable the legacy token?
You will see the below error message when trying to access plugin.
Q. What if the legacy token is not enabled and I’m already logged in?
You will see infinite loading as per the screenshot below.
