End of support for Basic Authentication access to Exchange Online API’s for Office 365 customers

HI Team/@pgr ,

Microsoft is phasing out the login method in favour of oauth2 based auth for IMAP/POP connections in October of this year.Here’s the reference link below.

So the way we setup inbound emails/personal emails/bounce handling emails would change.
Does suitecrm will support that ? Kindly suggest.

Thank you.


I think the same thing will be happening for Gmail also, quite soon.

Try looking on Github for the correspondent issue regarding Gmail. There is some activity there. I think this is in the roadmap (has to be, really - we can’t lose Gmail and Exchange compatibility…).

Thank you for letting know @pgr

Hi there, I’m curious about the current status of development on this.
Is there a solution jet?

We are going to have a massive problem because at least one of our customers will be using the new exchange online api soon.

Maybe someone could point me into the right direction where I could find more information.
Best regards,

It is already built in to Suite * and works nicely.
See the OAuth sections under Admin.

It’s been in since at least 7.10

I use it on 7.11.21

7.12 fixes a bug with it when using PHP8

@DJuser how can we use the OAUTH sections to setup inbound M365 email accounts to use modern authentication protocol (based on OAUTH2) instead of standard IMAP basic authentication. I can see this is supported as SugarCRM Microsoft connector on SugarCRM, does SuiteCRM have something similar?

The OAuth sections are in admin:

  • OAuth Keys
  • OAuth2 Clients and Tokens

Can you talk us through, how you configured the settings there - and where did you see a problem (show screenshots of your problem).

1 Like

Hi @DJuser ,
thank you for your feedback. I am aware of these sections in Administration part of CRM, but I think these 2 sections are used to setup OAuth for API exposed from SuiteCRM (incoming requests direction). If you want some client to be able to connect to SuiteCRM API you are setting OAuth options in this administration section.

What I am trying to do is setup all inbound email accounts to connect to Microsoft 365 using OAuth2 authentication, instead of standard IMAP basic authentication.

When looking at at available inbound email configuration options, we have following:


There is no option to enter the M365 authentication server endpoint or anything related to OAuth authentication for inbound emails. I can see Sugar has a Microsoft connector available, is something like this available as a plugin or a native SuiteCRM functionality:



I am also facing this problem, how to be able to set up outgoing and incoming emails with office365, instead of the current SMTP with the new OAuth connection method.
It seems to me that in Sugar there is a possibility.
Will it be implemented soon in SuiteCRM as well?



We are also looking for the functionality to configure O365 email addresses using modern authentication, Microsoft will disable IMAP basic authentication on 1 October 2022 and this will impact on many customers using Inbound email to case creation and campaigns.
We have configured Client ID and Client Secret in OAuth Keys but still no option available to use modern authentication in Inbound email configuration. (see below screenshot)
Can anyone have already worked on this and made this available on SuiteCRM.

I don’t use Office365 but just so I understand the requirement, what is missing in SuiteCRM in order to use this new authentication?

Is it a new field in the email account configuration, some key that needs to be sent to server?

In SuiteCRM we do not have Microsoft connector to configure Client ID and Client Secret, whereas it is available in SugarCRM version 10.0 and higher.
Once you configure Microsoft connector and enable it, on the email configuration section you will get Microsoft Exchange option which allow you to authenticate O365 Email addresses directly from O365, no need to enter and save password in the CRM.
Below link from SugarCRM.

I’m not sure how complex that would be, but I wonder if something simpler wouldn’t be achievable without a full “connector” that skips authentication in SuiteCRM.

Just some field for a key in the email configuration, so you can use the accounts as before! Shouldn’t be too hard…

this is a major issue and prevents any use of suitecrm if this can’t be fixed. is there an update?

1 Like

I wouldn’t be sure that anyone in SalesAgility is going to be looking at this any time soon. My guess is that they will do so if pushed by one of their clients, if not, they will focus one of the other 1000 things on their work list. Fair enough.

This is the sort of thing that the Community can solve, people need to get together and try to find ways to make this work with tweaks to the existing code.

I wouldn’t think of this in terms of a “Connector”, or any fancy new functionality, I would just focus on the hurdle of getting OAUTH2 authentication to work. SuiteCRM uses something called PhpMailer, we probably need to add a special case in there at the moment it’s authenticating. Perhaps this will require some additional field on screen, in the UI. But it shouldn’t be terribly difficult.

People can get together and pay a developer for a few hours of work cracking this problem [not me, I’m not free at the moment].

Have you guys tried app passwords?

I’ve already mentioned on my response how to achieve that.

Yes, you’ve mentioned it in the other thread, that’s why I came here to let other people know about it, and linked to your reply :+1:

App Passwords use Basic Auth so they won’t help. Ie they’ll also be disabled in October+

Ref. first para of this article from MS date 7/1/2022: Deprecation of Basic authentication in Exchange Online | Microsoft Docs

Hi @sravanitedla , are there any updates on this issue? Any progress that’s been made to allow OAuth access to Microsoft Exchange? Thanks.