URGENT COMMUNICATION
Deprecation of Basic Authentication in Exchange Online Affects Sage Alerts and Workflow
Deprecation of Basic Authentication in Exchange Online Affects Sage Alerts and Workflow On-Premise.
If you currently use Email Alerts or Email Response System of Sage Alerts and Workflow v10.04.01 and earlier, please read the following important information..
To avoid interruption to your Sage Alerts and Workflow email alerts, you might need to take action prior to October 1, 2022.
Effective October 1, 2022, Microsoft is changing the security options of Office 365. This change will deprecate use of Basic Authentication for all Office 365 tenants. This change may prevent Sage Alerts and Workflow (10.04.01 and earlier) from authenticating with your Office 365 account. The communication from Microsoft can be found here.
As of September 1, 2022, Microsoft revisited their policy and indicated that they will NOT disable SMTP Authentication (SMTP Auth) at this time. Therefore, SMTP-based Alerts and Worfklow email alerts will remain operational for the moment.
Regardless of upcoming deadlines, Microsoft and other industry experts recommend migrating to a modern OAuth2-based authentication for email access where possible. To this end, Sage Alerts and Workflow is releasing an upgrade (v10.5) that will allow the use of OAuth2-based authentication for email alerts and email response system.
How does this impact my instance of Sage Alerts and Workflow?
Any Office 365 account configured as a sender email account with outbound/inbound SMTP/POP/IMAP email settings in Sage Alerts and Workflow could be impacted.
To avoid disruption, you might have to change email providers, make changes to your Office 365 tenant account, or upgrade to Sage Alerts and Workflow 10.5.
What happens after October 1, 2022?
Microsoft will deprecate the use of basic authentication for all protocols other than SMTP. If you use the Email Response System (ERS) feature in Sage Alerts and Workflow, you will not be able to monitor inbound emails into your Office 365 email account, after October 1st, unless you take action.
How long will SMTP Auth based email alerts continue to work with my Office 365 email account? Microsoft has not published a timeline for disabling SMTP Auth. Sage Alerts and Workflow will release a more secure OAuth based email authentication with our upcoming 10.5 release. If you are concerned about the security of SMTP Auth, you should upgrade to the 10.5 release when it becomes available.
What options do I have to continue using Sage Alerts and Workflow Email Alerts and/or Email Response System (ERS)?
You can upgrade to Sage Alerts and Workflow v10.5 coming in early September 2022.
You can use other email service providers who support basic auth. Providers such as Gmail, Yahoo, etc., or anything other than Office 365.
You can proactively opt-out of disabling basic auth for POP or IMAP, based on your version of Sage Alerts of Workflow, before October 1st.
If you are on version 9 or v8.x, Sage Alerts and Workflow uses POP protocol for ERS. If you are on v10.x, Sage Alerts and Workflow uses IMAP protocol for ERS.
After October 1st, if POP or IMAP is disabled on your Office 365 tenant, you can request it be to re-enabled.
Documented workarounds and product updates will be available and communicated to customers by September 15th.