Basic authentication on Microsoft 365 will be disabled

1

Hi Adam
We have a few options:
1. Change the notification Server type to "Exchange Online - Microsoft Graph" in the WEBCON BPS Designer Studio (recommended).
2. Create a dedicated, externally secured receive/send connector in Exchange 365. (requires a little knowledge of Ex365).
3. Install and use any local SMTP service (Postfix, IIS SMTP, or any other).

Hi Paweł,
thanks for a quick response here. I think it may be useful for others :)

Best!

I'm not sure if it's relevant, but in one case I used the Amazon Simple Email which allows for 62,000 free emails sent per month.

Hi,
"Change the notification Server type to "Exchange Online - Microsoft Graph" in the WEBCON BPS Designer Studio "
I can't see this option in my version. I have version 2021.1.3.188.

This option is available from version 2021.1.5.247.

Dear All,
just want to confirm that I switched to option no. 1 and it worked fine.
Just bear in mind to grand valid permissions (for Microsoft Graph, Mail.Send) in API permissions on App registration at Azure AD.

It is good to read the article: https://learn.microsoft.com/en-us/graph/auth-limit-mailbox-access Mail.send permission allows applications to send emails as ANY user (eg. CEO), so consider creating scopes (for Send mail and for Hotmailboxes).

Hi Pawel,

Thank you for the article. However, in the version that I'm using (2022.1.2.59) all emails get sent as the email address defined in global settings. Did you change that in the last version?

Thanks,
Martin

Martin,
I think that Pawel is referencing to permissions in Microsoft Graph. If you don't limit it in Microsoft Graph you could enter any e-mail (like CEOs email) in WEBCON BPS general settings. And notifications will be send as CEOs email.

Good point, Adam. :) Thank you.

New update here.
After updating (may not be relevant here) WEBCON BPS to 2022.1.3.65 I get error while sending e-mail notifications (from workflow, as actions): "Length of the data to decrypt is invalid."

Email notification is set to Microsoft Graph. Permission is granted both as Application and as delegated.
When I try to send test mail from email configuration in BPS Studio it is delivered properly.

Any ideas?

OK, so here are my notes regarding this issue.

It worked in my environment only with synced accounts from local AD (sync to Azure AD from AD). Accounts created in Azure AD (only) didn't work.

Also noticed that I had to input data with selected option Exchange on-premises/SMTP Server. Without them option with Exchange Online - Microsoft Graph didn't work. In logs had an error "Brak konfiguracji adresu nadawcy. Skontaktuj się z administratorem systemu." that can be translated as 'Missing sender address configuration. Please contact system administrator."
After just filling this data in option "Exchange on-premises/SMTP Server" (without authentication details) and switching to "Exchange Online - Microsoft Graph" enables sending e-mails via Microsoft Graph.

This may not be a bug, but just a feature :)

Above activities were made on WEBCON BPS 2022.1.3.65 Standalone version.

Microsoft has published a post outlining (among other things) how to extend support for Bacis authentication until the end of this year: https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437

Hello,

What permissions I exacly need to make the authorisation work properly? I have seen some articles like https://help.sagecrm.com/on_premise/en/2022R1/Administration/Content/Administrator/EM_GetClientIdSecret-Outlook.htm
but still I can't connect with the server. I must be missing something.

My actual permissions in a picture attached. Thanks for any help.

Dear Piotr,
are you able to provide error you receive? It will be easier to find solution. Additionally assume that Azure AD Enterprise application ID and secret (where you granted permissions) are valid in BPS configuration :)

Best.