Microsoft has announced that legacy tokens will be disabled. This is causing certain Outlook add-ins that rely on these tokens to stop functioning properly.
The Phishing Reporter could throw out an error like this:
Error: EWS Error - An internal error has occurred.
The following actions are required to ensure the functionality of the add-ins.
Steps to Reactivate Legacy Tokens
Establishing a Connection with Exchange Online Powershell
To execute the necessary commands, a connection to Exchange Online PowerShell must first be established.
-
- Open Windows PowerShell
- Run the following command to import the Exchange Online Management module:
Import-Module ExchangeOnlineManagement
- Update the module to ensure you are using the latest version:
Update-Module -Name ExchangeOnlineManagement
- Establish a connection to Exchange Online:
Connect-ExchangeOnline
Sign with your Microsoft 365 administrator credentials.
Run the following command to re-enable legacy tokens:
Set-AuthenticationPolicy –AllowLegacyExchangeTokens -Identity "LegacyExchangeTokens"
Please note that it may take up to 24 hours for the change to take effect. Legacy Exchange tokens issued to Outlook add-ins before the token blocking was implemented will remain valid until they expire.
Important Notice
If you enable legacy tokens for Exchange Online now, they will not be disabled in February 2025 when Microsoft enforces their deprecation for all tenants.
The ability to reactivate legacy tokens is only available until June 2025. After that, the use of legacy tokens will be permanently blocked in all Microsoft 365 tenants.
Further information can be found in Microsoft's article:
https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off