By Jeyakumar Durai (JD)
Microsoft has been driving constant efforts to get rid of “Basic Authentication” – (a weak authentication method subject to easy credential compromise) from the M365 tenants. As a latest update of this effort, Microsoft & Apple have come up with a solution to switch the iOS Native Mail app users from Basic to Modern authentication which will happen seamlessly using ROPC (Resource Owner Password Credentials) method.
Though Apple has been supporting OAuth (Modern Authentication) in its native mail app for a couple years now, OAuth is enabled by default only for the new mailbox configuration. The users with existing configuration continues to have “Basic authentication” even when they upgrad the phone and transfer the data. The users had to completely remove and re-add their accounts in the mail app in order to switch to the new secure OAuth authentication in the backend.
What if your firm has thousands of native Mail app users? There is a solution on its way in the upcoming Apple iOS update, expected in the version iOS 16 which will have “ROPC grant” in the bundle. Few days after the update is installed, the Native Mail app will use the credentials to authenticate with identity provider, refresh the auth token and reconfigure the mailbox account in the native Mail app using OAuth (All happens in the backend without any user action).
There are few scenarios where this seamless switch may not work based on how your environment is set up.
Please see this Microsoft blog post for more information.
Note: Microsoft is targeting to disable the “Basic Authentication” completely from the M365 tenants starting Oct 1, 2022, so switching the native Mail app authentication to OAuth is vital for any Organization before the deadline.
Helient strongly recommends taking the necessary steps in switching your native mail app users to oAuth asap. If you would like more information or assistance, please contact our industry-leading experts at firstname.lastname@example.org.