Skip to content

Update legacy Exchange token documentation #12447

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 20 commits into from
Mar 3, 2025
+8 −5
Merged

Update legacy Exchange token documentation #12447

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
2ec9e2c
Update description of AllowLegacyExchangeTokens parameter
samantharamon Jan 10, 2025
611648e
Update Get-AuthenticationPolicy.md for clarity and formatting
chrisda Jan 10, 2025
2426bfa
Add note
samantharamon Jan 13, 2025
bfa6f49
Update parameter references in documentation
chrisda Jan 13, 2025
ce9c622
Add link
samantharamon Feb 5, 2025
c85b2b5
Merge branch 'main' into samramon-update-description
chrisda Feb 5, 2025
d9a4f09
Fix date
samantharamon Feb 5, 2025
f20edd7
Merge branch 'main' into samramon-update-description
chrisda Feb 5, 2025
479baec
Apply suggestion from review
samantharamon Feb 5, 2025
0d32ca1
Merge branch 'main' into samramon-update-description
samantharamon Feb 21, 2025
1279fd8
Update dates
samantharamon Feb 21, 2025
644e2a6
Merge branch 'main' into samramon-update-description
samantharamon Feb 24, 2025
bf2b82a
Apply suggestion from review
samantharamon Feb 24, 2025
ff7bf23
Fix grammar and punctuation in documentation
chrisda Feb 24, 2025
5a71fd4
Fix typo in Remove-AuthenticationPolicy documentation
chrisda Feb 24, 2025
c2566b4
Fix typo in Set-AuthenticationPolicy documentation
chrisda Feb 24, 2025
5e43e08
Fix typo in Set-AuthenticationPolicy documentation
chrisda Feb 24, 2025
bb11ebd
Merge branch 'main' into samramon-update-description
samantharamon Feb 28, 2025
82d866a
Update guidance
samantharamon Feb 28, 2025
b90b3d1
Merge branch 'main' into samramon-update-description
chrisda Mar 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions exchange/exchange-ps/exchange/Get-AuthenticationPolicy.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,10 +81,13 @@ The AllowLegacyExchangeTokens switch specifies whether legacy Exchange tokens ar

Legacy Exchange tokens include Exchange user identity and callback tokens.

This switch also specifies a date and time sometime within the past seven days when an add-in was either allowed or blocked from acquiring a token.

**Important**:

- Currently, the AllowLegacyExchangeTokens switch only specifies whether legacy Exchange tokens are allowed in your organization. For now, disregard the empty Allowed and Blocked arrays returned by the switch.
- Legacy Exchange tokens will eventually be blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).
- An update is being deployed to enable the AllowLegacyExchangeTokens switch to specify any add-in that requested an Exchange token from the last seven days. For more information, see [Get the status of legacy Exchange Online tokens and add-ins that use them](https://learn.microsoft.com/office/dev/add-ins/outlook/turn-exchange-tokens-on-off#get-the-status-of-legacy-exchange-online-tokens-and-add-ins-that-use-them).
- The AllowLegacyExchangeTokens switch returns `Not Set` if tokens haven't been explicitly allowed or blocked in your organization using the _AllowLegacyExchangeTokens_ or _BlockLegacyExchangeTokens_ parameters on the **Set-AuthenticationPolicy** cmdlet. For more information, see [Get the status of legacy Exchange Online tokens and add-ins that use them](https://learn.microsoft.com/office/dev/add-ins/outlook/turn-exchange-tokens-on-off#get-the-status-of-legacy-exchange-online-tokens-and-add-ins-that-use-them).
- As of February 17 2025, legacy Exchange tokens are blocked by default in all cloud-based organizations. Although tokens are blocked by default, the AllowLegacyExchangeTokens switch still returns `Not Set` if you haven't used the _AllowLegacyExchangeTokens_ or _BlockLegacyExchangeTokens_ parameters on the **Set-AuthenticationPolicy** cmdlet. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).

```yaml
Type: SwitchParameter
Expand Down
2 changes: 1 addition & 1 deletion exchange/exchange-ps/exchange/Remove-AuthenticationPolicy.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ This switch applies to the entire organization. The Identity parameter is requir
- Apart from the Identity parameter, this switch disregards other authentication policy parameters used in the same command. We recommend running separate commands for other authentication policy changes.
- It might take up to 24 hours for the change to take effect across your entire organization.
- Legacy Exchange tokens issued to Outlook add-ins before token blocking was implemented in your organization will remain valid until they expire.
- Legacy Exchange tokens will eventually be blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).
- As of February 17 2025, legacy Exchange tokens are blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).

```yaml
Type: SwitchParameter
Expand Down
4 changes: 2 additions & 2 deletions exchange/exchange-ps/exchange/Set-AuthenticationPolicy.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -371,7 +371,7 @@ The switch applies to the entire organization. The Identity parameter is require

- Apart from the Identity parameter, this switch disregards other authentication policy parameters used in the same command. We recommend running separate commands for other authentication policy changes.
- It might take up to 24 hours for the change to take effect across your entire organization.
- Legacy Exchange tokens will eventually be blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).
- As of February 17 2025, legacy Exchange tokens are blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).

```yaml
Type: SwitchParameter
Expand Down Expand Up @@ -569,7 +569,7 @@ The switch applies to the entire organization. The Identity parameter is require
- It might take up to 24 hours for the change to take effect across your entire organization.
- Legacy Exchange tokens issued to Outlook add-ins before token blocking was implemented in your organization will remain valid until they expire.
- Blocking legacy Exchange tokens might cause some Microsoft add-ins to stop working. These add-ins are being updated to no longer use legacy tokens.
- Legacy Exchange tokens will eventually be blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).
- As of February 17 2025, legacy Exchange tokens are blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).

```yaml
Type: SwitchParameter
Expand Down