This article is currently a work in progress

Introduction

To learn more about modern authentication, visit: https://blogs.office.com/2015/03/23/office-2013-modern-authentication-public-preview-announced/

In order for Office clients to use modern authentication flows, the Office 365 tenant needs to be configured support modern authentication flows. You can find more details here - http://aka.ms/modernAuthClients.

Defaults

The Office 365 tenant/resource host (Exchange Online, SharePoint Online and Skype for Business Online) will need to be configured to accept a modern authentication connection. We recommend Exchange Online be enabled for modern authentication when enabling modern authentication for Skype for Business.

Here is the per service state of modern authentication by default:

  • Skype for Business Online - OFF by default.
  • Exchange Online - OFF by default.
  • SharePoint Online - ON by default.

Because Skype for Business clients connect to both Skype for Business Online and Exchange Online, tenant level modern authentication settings should match for Exchange Online and Skype for Business Online.

Steps to enable modern authentication for Skype for Business Online

This article explains how to enable your Skype for Business Online tenant to support modern authentication.

  1. Connect to Skype for Business Online using remote PowerShell: https://aka.ms/SkypePowerShell
  2. Run the following command:
    • Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed
  3. Verify that the change was successful by running the following:
    • Get-CsOAuthConfiguration

Frequently Asked Questions

How can Exchange Online be configured to use modern authentication?

Via Exchange Online remote PowerShell: How to enable your tenant for modern authentication

I enabled modern authentication in my tenant, but now I want to revert it. How do I do that?

Run the following command.