Office 365 Getting E-Mail Client Authentication Improvements This Month

Microsoft is adding Android and iOS Outlook client authentication improvements this month for its Office 365 Exchange Online subscribers.

Specifically, Microsoft's June Office 365 update will be turning on the use of the OAuth delegation protocol for use by those Outlook clients. OAuth is an Internet Engineering Task Force open specification for authorizing Web-enabled apps. It's not an authentication protocol per se, but it gets used inside of authentication protocols, according to an article.

Microsoft enables OAuth through its Active Directory Authentication Library (ADAL), which is now getting turned on for Exchange Online mailboxes. That change allows users to authenticate using Azure Active Directory, which is the identity provider service that's used across Office 365 services. With this integrated OAuth capability, Android and iOS Outlook users can access e-mail by just signing into their Office 365 accounts.

"ADAL-based sign in enables OAuth for Office 365 accounts, providing Outlook with a secure mechanism to access email without requiring access to the user's credentials," Microsoft's announcement explained.

Organizations get some management and security controls, too. For instance, the Android and iOS Outlook clients now support "multifactor authentication." Multifactor authentication is Microsoft's term for a secondary security challenge that initiates after a user enters a password. The security challenge arrives on a device in the form of an e-mail, text message or automated phone call, providing an alternative way of verifying the user's identity.

While Microsoft is turning on this OAuth capability for Office 365 end users this month, it will require that end users log into their devices for the change to take effect. Users will get a prompt to do that "over the next week," Microsoft promised. The log-in will "automatically convert their account from basic authentication to OAuth," Microsoft explained. At that point, multifactor authentication policies will start to work.

Microsoft's announcement explained that Exchange ActiveSync doesn't support OAuth, so organizations relying on that protocol will just have the "basic authentication" capability. They won't have multifactor authentication support, for instance.

OAuth is currently used by Microsoft for its and OneDrive clients. It's also used by companies such as Dropbox and Box for accessing their cloud storage services. Google also uses OAuth for its Gmail app, according to Microsoft's announcement.

In a different announcement, Microsoft explained that it enhances its Exchange ActiveSync protocol first for its cloud-enabled Office 365 services. Exchange ActiveSync "version 16" will be the next version of the protocol, which is used to synchronize data with premises-based Exchange mailboxes. Version 16 will add calendar reliability improvements, as well as improvements to attachment handling. ActiveSync 16 also will allow draft folders to be synced.

Those ActiveSync improvements will start to show up "soon" for Microsoft's Office 365 account users, Microsoft promised. Organizations can check for version 16 by running the "Exchange ActiveSync Autodiscover" test at this page.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

  • Azure Backup for SQL Server 2008 Available at Preview Stage

    Microsoft added the option of using the Azure Backup service to provide recovery support for SQL Server 2008 and SQL Server 2008 R2 when those workloads are hosted on Azure virtual machines.

  • Microsoft Suggests Disabling Old Protocols with Exchange Server 2019

    Exchange Server 2019 with Cumulative Update 2 (CU2) can help organizations rid themselves of old authentication protocols, which constitute a potential security risk.

  • Microsoft Previews New Edge Browser on Windows 7 and Windows 8.1

    Microsoft announced this week that it has released previews of its Chromium-based Microsoft Edge Web browsers for use on Windows 7, Windows 8 and Windows 8.1 systems.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.