KBI 311840 New Feature: How To Send Argent Advanced Technology Email Alerts Using Microsoft 365

 

Version

Argent Advanced Technology 5.1A-2007-A and above

Date

Tuesday, 16 June 2020

Summary

The recommended method for sending/receiving Microsoft 365 email is to use Exchange Web Service (EWS), which is supported since Argent AT 5.1A-2001-A

Initially EWS used Basic Authentication of logon and password

However, Microsoft has decided to discontinue Basic Authentication for Microsoft 365 email starting in October 2020

The alternative after that time will be app-based authentication

Interactive logons will have MFA (multi-factor authentication) that requires a verification code sent through email or SMS

This is not suitable for service programs, like Argent Console, running in the background

In a nutshell, the Microsoft 365 account administrator registers an app on the Microsoft 365 portal, assigns it with EWS privileges, and uses the provided application id, tenant id, and application secret for authentication

The Argent Console Engine settings has new fields to allow app-based authentication for Microsoft 365


Click For Full Size

 

Note:

 

  1. In the field “Exchange Service Url”, enter https://outlook.office365.com/EWS/Exchange.asmx or “office365” as an abbreviation for Microsoft 365 email
  2. This feature requires PowerShell module “PartnerCenter”
     

    To install the module, run “Install-Module -Name PartnerCenter”

 

The feature has been implemented in Argent AT 5.1A-2007-A

Technical Background

Exchange Web Service (EWS) is the recommended method sending Exchange email

Basic Authentication using logon and password is supported and continues to be so for Exchange Servers on premises

However, it will be discontinued for Microsoft 365 email (Exchange Online) in October 2020

The new default logon requires a verification code through SMS or email, which is not applicable for background services

EWS continues to support app-based authentication for the foreseeable future

Argent AT adds this capability to the email facility in Argent Console

To use the feature, the customer must register an app on the Microsoft 365 portal

The customer should take the following steps:

  1. Logon to the Microsoft 365 portal (https://www.office.com/)
  2. Click on “Admin”

    Click For Full Size

  3. Click on “Show all”

    Click For Full Size

  4. Click on “Azure Active Directory”

    Click For Full Size

  5. Click on “Azure Active Directory” then “App registrations”

    Click For Full Size

  6. Click on “New registration” and give new App some name such as “Argent AT”
     

    Take most of the default settings


    Click For Full Size

  7. Copy down the Application ID and Directory (Tenant) ID
  8. Next is to the assign appropriate permissions as shown in the screenshots below

    Click For Full Size


    Click For Full Size

  9. Click on “Certificate & secrets” and add a client secret

    Click For Full Size

    Copy down the client secret immediately

     

    It won’t be shown completely again after you navigate away

Resolution

Upgrade to Argent Advanced Technology 5.1A-2007-A and above