Friday, 12 December 2025

Time to Upgrade: Move Your Business Central Emails to OAuth 2.0 Before March 2026

Introduction

Microsoft is retiring SMTP Basic Authentication on March 1, 2026. If your Business Central environment still uses the old username/password method for sending emails, it’s time to act. Switching to OAuth 2.0 (Modern Authentication) will keep your system secure, compliant, and ready for the future.

This guide explains why this change matters and how you can make the transition smoothly.


Why Switch to OAuth 2.0?

Microsoft is pushing this upgrade because:

  • Basic Auth is outdated, and risky - passwords can be hacked easily.
  • OAuth 2.0 is more secure - uses tokens instead of passwords.
  • Supports MFA, conditional access, and better compliance.
  • Works perfectly with Business Central’s modern email framework.

After March 1, 2026, Basic Auth will stop working completely.


How to Migrate in Simple Steps

1. Check Your Current Setup

If you’re using SMTP with username/password (smtp.office365.com), you need to migrate.


2. Use Business Central’s Modern Email Accounts

  • Go to Tell Me - Email Accounts
  • Click New - Microsoft 365
  • Sign in using OAuth and approve permissions
  • Set this as your default email account


3. (Optional) Register an Azure AD App

Needed only for advanced scenarios like custom integrations.

  • Register app in Azure
  • Add permissions: SMTP.Send, offline_access, email, openid, profile
  • Add redirect URI: https://businesscentral.dynamics.com/oauth/redirect
  • Grant admin consent


4. Update Business Central Settings

  • Disable old SMTP setup
  • Update workflows, report selections, and job queues
  • Replace SMTP references in custom AL code with modern email APIs


5. Test Everything

Send test emails, check invoices, approvals, and job queues.


6. Remove Old SMTP Configurations

Delete credentials and server entries to avoid fallback.


Benefits of OAuth 2.0

  • Stronger security
  • No stored passwords
  • MFA and conditional access support
  • Microsoft-recommended best practice

Future-ready and compliant


Deadline Reminder

March 1, 2026 - After this date, SMTP Basic Auth will stop working. Migrate now to avoid email failures.


References & Credit

Exchange Online to retire Basic auth for Client Submission (SMTP AUTH) | Microsoft Community Hub

(Original content inspired by https://dynamicsdecoded.wordpress.com/2025/12/10/secure-your-business-central-emails-migrate-to-oauth-2-0/)


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)