Full compatibility with Modern authentication

Access to Microsoft Exchange data was originally only possible through a method called Basic authentication. Over time, Microsoft introduced a more secure way based on OAuth 2.0 for authentication and authorization: Modern authentication. Until now, it was possible to use either method to access Office 365; however, Microsoft announced in 2020 that basic authentication would soon be decommissioned (September 2021 Update: October 1, 2022). That's why we've been working for several months to support this feature, on which our mailbox and public folder content reports depend heavily.

Basic and Modern authentication

Basic authentication requires that you authenticate using a username and password of an Exchange Service Account when accessing resources in Microsoft Exchange. When using this method, the username and password are sent in clear text across the network connection every time a resource is accessed. The connection is secured by SSL so traffic is unreadable; however, Basic authentication is vulnerable to brute force or password spray attacks. When users are using weak passwords, it is just a matter of time before their account is compromised.

To replace it, a new token-based authentication mode called Modern authentication – based on OAuth 2.0 - has been introduced. With Modern authentication, an administrator in your organization granted permissions to the Promodag Reports application. The application can then access the resources it has been authorized for.

How to use Modern authentication with Promodag Reports

If the access method recommended in your Office 365 tenant is Modern authentication, launch Promodag Reports and go to the Office 365 Connection tab in Tools > Options. Select the Use modern authentication with EWS checkbox. Then click the Check connection… link.

A window appears with a message asking for the approval of Promodag Reports by an administrator. Click on the link:

Log in to Office 365 using a Global Administrator account. You will then be prompted to grant the application the permissions listed on the dialog box; they allow Promodag Reports to collect data from the mailboxes and send messages using SMTP. Click on Accept. Mission accomplished.

What next?

Once this simple operation is done, you will be able to use all the reports of the Mailbox Content and Public Folder Content categories on your Exchange Online hosted mailboxes with the level of security guaranteed by Modern authentication.

If for any reason you need to revoke this permission, simply log into Azure AD and delete Promodag Reports from the list of Enterprise applications.