[German]Quick addendum from this week: Microsoft's Exchange team has already announced the availability of Client Credential Flow (CCF) for SMTP AUTH in Exchange Online on July 10, 2023. Client Credential Flow (CCF) for SMTP AUTH enables applications to use modern authentication to deliver authenticated email to Exchange Online without requiring an interactive login. Using OAuth reduces the risk of credentials being compromised during authentication.
Advertising
The following tweet from the Exchange team at Microsoft points out this issue, which is described in the Techcommunity post Announcing Client Credential Flow for SMTP AUTH in Exchange Online.
What is Client Credentials Flow?
Client Credentials Flow (defined in OAuth 2.0 RFC 6749, section 4.4) allows an application to exchanges its credentials, such as client ID and client secret, for an access token. Microsoft described this in March 2023 for Azure in this support post. Microsoft says:
Client Credential Flow (CCF) for SMTP AUTH enables applications to use modern authentication to deliver authenticated email to Exchange Online without requiring interactive sign-on. Using OAuth reduces the risk of credentials being compromised during authentication.
How can it be used?
CCF for SMTP AUTH is now available in all Microsoft environments, the Teccommunity post says. Administrators can use the steps under Authenticating an IMAP, POP or SMTP Connection with OAuth for SMTP. The following steps are required to use it:
- Register your application with Azure AD
- Get an access token from a token server
- Authenticate connection requests using the access token.
Details may be read within the linked articles.
Advertising
Advertising
