Office 365 Getting E-Mail Client Authentication Improvements This Month

Microsoft is adding Android and iOS Outlook client authentication improvements this month for its Office 365 Exchange Online subscribers.

Specifically, Microsoft's June Office 365 update will be turning on the use of the OAuth delegation protocol for use by those Outlook clients. OAuth is an Internet Engineering Task Force open specification for authorizing Web-enabled apps. It's not an authentication protocol per se, but it gets used inside of authentication protocols, according to an article.

Microsoft enables OAuth through its Active Directory Authentication Library (ADAL), which is now getting turned on for Exchange Online mailboxes. That change allows users to authenticate using Azure Active Directory, which is the identity provider service that's used across Office 365 services. With this integrated OAuth capability, Android and iOS Outlook users can access e-mail by just signing into their Office 365 accounts.

"ADAL-based sign in enables OAuth for Office 365 accounts, providing Outlook with a secure mechanism to access email without requiring access to the user's credentials," Microsoft's announcement explained.

Organizations get some management and security controls, too. For instance, the Android and iOS Outlook clients now support "multifactor authentication." Multifactor authentication is Microsoft's term for a secondary security challenge that initiates after a user enters a password. The security challenge arrives on a device in the form of an e-mail, text message or automated phone call, providing an alternative way of verifying the user's identity.

While Microsoft is turning on this OAuth capability for Office 365 end users this month, it will require that end users log into their devices for the change to take effect. Users will get a prompt to do that "over the next week," Microsoft promised. The log-in will "automatically convert their account from basic authentication to OAuth," Microsoft explained. At that point, multifactor authentication policies will start to work.

Microsoft's announcement explained that Exchange ActiveSync doesn't support OAuth, so organizations relying on that protocol will just have the "basic authentication" capability. They won't have multifactor authentication support, for instance.

OAuth is currently used by Microsoft for its and OneDrive clients. It's also used by companies such as Dropbox and Box for accessing their cloud storage services. Google also uses OAuth for its Gmail app, according to Microsoft's announcement.

In a different announcement, Microsoft explained that it enhances its Exchange ActiveSync protocol first for its cloud-enabled Office 365 services. Exchange ActiveSync "version 16" will be the next version of the protocol, which is used to synchronize data with premises-based Exchange mailboxes. Version 16 will add calendar reliability improvements, as well as improvements to attachment handling. ActiveSync 16 also will allow draft folders to be synced.

Those ActiveSync improvements will start to show up "soon" for Microsoft's Office 365 account users, Microsoft promised. Organizations can check for version 16 by running the "Exchange ActiveSync Autodiscover" test at this page.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Secured-Core PCs Promise To Stop Malware at the Firmware Level

    Microsoft and its hardware partners recently described new "Secured-core" PCs, which add protections against firmware-based attacks.

  • How To Ransomware-Proof Your Backups: 4 Key Best Practices

    Backups are the only guaranteed way to save your data after a ransomware attack. Here's how to make sure your backup strategy has ransomware mitigation built right in.

  • Microsoft Buys Mover To Aid Microsoft 365 Shifts

    Microsoft announced on Monday that it bought Mover to help organizations migrate data and shift to using Microsoft 365 services.

  • Mark Hurd, Oracle Co-CEO, Dies at 62

    Oracle co-CEO and former Hewlett-Packard chief executive Mark Hurd died last Friday at the age of 62 from unspecified causes.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.