[Exchange](legacy tokens) How to get list of add-ins using Exchange tokens #5068
+9
−5
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Learn Build status updates of commit be1ce9d: ✅ Validation status: passed
For more details, please refer to the build report. For any questions, please:
|
lindalu-MSFT
approved these changes
Feb 24, 2025
| We published a list of all Outlook add-ins published to the Microsoft store that use legacy tokens as of October 2024. For more information on how to use the list and build a report of Outlook add-ins that are potentially using legacy tokens, see [Find Outlook add-ins that use legacy Exchange Online tokens](https://github.com/OfficeDev/office-js/tree/release/add-in-ids). Also we're working on report tooling to make tracking add-ins using legacy tokens easier. We hope to have the report tooling available in early 2025. | ||
| You can get a list of all add-ins that requested legacy Exchange Online tokens in the last seven days by using the `Get-AuthenticationPolicy -AllowLegacyExchangeTokens` command. For more information, see [Turn legacy Exchange Online tokens on or off](turn-exchange-tokens-on-off.md). | ||
|
|
||
| Additionally, we published a list of all Outlook add-ins published to the Microsoft store that use legacy tokens as of October 2024. For more information on how to use the list and build a report of Outlook add-ins that are potentially using legacy tokens, see [Find Outlook add-ins that use legacy Exchange Online tokens](https://github.com/OfficeDev/office-js/tree/release/add-in-ids). Also we're working on report tooling to make tracking add-ins using legacy tokens easier. We hope to have the report tooling available in early 2025. |
There was a problem hiding this comment.
Suggested change
| Additionally, we published a list of all Outlook add-ins published to the Microsoft store that use legacy tokens as of October 2024. For more information on how to use the list and build a report of Outlook add-ins that are potentially using legacy tokens, see [Find Outlook add-ins that use legacy Exchange Online tokens](https://github.com/OfficeDev/office-js/tree/release/add-in-ids). Also we're working on report tooling to make tracking add-ins using legacy tokens easier. We hope to have the report tooling available in early 2025. | |
| Additionally, we published a list of all Outlook add-ins published to the Microsoft store that use legacy tokens as of October 2024. For more information on how to use the list and build a report of Outlook add-ins that are potentially using legacy tokens, see [Find Outlook add-ins that use legacy Exchange Online tokens](https://github.com/OfficeDev/office-js/tree/release/add-in-ids). Also, we're working on report tooling to make tracking add-ins using legacy tokens easier (available soon!) |
There was a problem hiding this comment.
@davidchesnut do we still need the last two sentences with the updated Get-AuthenticationPolicy command?
| @@ -64,8 +64,10 @@ Blocked: [] | |||
| PS C:\> | |||
| ``` | |||
|
|
|||
| If any add-ins requested a legacy Exchange Online token in the last seven days, it will appear in the **Allowed** or **Blocked** list. If an add-in was granted the token request, it appears in the **Allowed** list. If the token request was denied, it appears in the **Blocked** list. It is possible for the same add-in to appear in both lists. This can happen if they were allowed to get tokens, but then tokens were turned off. | |||
There was a problem hiding this comment.
Suggested change
| If any add-ins requested a legacy Exchange Online token in the last seven days, it will appear in the **Allowed** or **Blocked** list. If an add-in was granted the token request, it appears in the **Allowed** list. If the token request was denied, it appears in the **Blocked** list. It is possible for the same add-in to appear in both lists. This can happen if they were allowed to get tokens, but then tokens were turned off. | |
| If any add-ins requested a legacy Exchange Online token in the last seven days, it will appear in the **Allowed** or **Blocked** list. If an add-in was granted the token request, it appears in the **Allowed** list. If the token request was denied, it appears in the **Blocked** list. It's possible for the same add-in to appear in both lists. This can happen if they were allowed to get tokens, but then tokens were turned off. |
samantharamon
approved these changes
Feb 24, 2025
| We published a list of all Outlook add-ins published to the Microsoft store that use legacy tokens as of October 2024. For more information on how to use the list and build a report of Outlook add-ins that are potentially using legacy tokens, see [Find Outlook add-ins that use legacy Exchange Online tokens](https://github.com/OfficeDev/office-js/tree/release/add-in-ids). Also we're working on report tooling to make tracking add-ins using legacy tokens easier. We hope to have the report tooling available in early 2025. | ||
| You can get a list of all add-ins that requested legacy Exchange Online tokens in the last seven days by using the `Get-AuthenticationPolicy -AllowLegacyExchangeTokens` command. For more information, see [Turn legacy Exchange Online tokens on or off](turn-exchange-tokens-on-off.md). | ||
|
|
||
| Additionally, we published a list of all Outlook add-ins published to the Microsoft store that use legacy tokens as of October 2024. For more information on how to use the list and build a report of Outlook add-ins that are potentially using legacy tokens, see [Find Outlook add-ins that use legacy Exchange Online tokens](https://github.com/OfficeDev/office-js/tree/release/add-in-ids). Also we're working on report tooling to make tracking add-ins using legacy tokens easier. We hope to have the report tooling available in early 2025. |
There was a problem hiding this comment.
@davidchesnut do we still need the last two sentences with the updated Get-AuthenticationPolicy command?
| @@ -48,7 +48,7 @@ Important notes about this command. | |||
| - You’ll only be able to turn tokens back on until June 2025 when all legacy tokens in all tenants will be forced off. For more information, see the [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://aka.ms/NAAFAQ). | |||
| - Although the `-Identity` parameter is required, it doesn't affect any specific authentication policy. The command always applies to the entire organization regardless of what value you use. We show the value as `LegacyExchangeTokens` in the examples to keep the intent clear. | |||
|
|
|||
| ## Get the status of legacy Exchange Online tokens | |||
| ## Get the status of legacy Exchange Online tokens and add-ins using them | |||
There was a problem hiding this comment.
Suggested change
| ## Get the status of legacy Exchange Online tokens and add-ins using them | |
| ## Get the status of legacy Exchange Online tokens and add-ins that use them |
| > [!NOTE] | ||
| > The previous command is the only way to view legacy token status. Other commands, such as `Get-AuthenticationPolicy | Format-Table -Auto Name` don't return the legacy token status. | ||
| > The `Get-AuthenticationPolicy -AllowLegacyExchangeTokens` command is the only way to view legacy token status. Other commands, such as `Get-AuthenticationPolicy | Format-Table -Auto Name` don't return the legacy token status. |
There was a problem hiding this comment.
Suggested change
| > The `Get-AuthenticationPolicy -AllowLegacyExchangeTokens` command is the only way to view legacy token status. Other commands, such as `Get-AuthenticationPolicy | Format-Table -Auto Name` don't return the legacy token status. | |
| > The `Get-AuthenticationPolicy -AllowLegacyExchangeTokens` command is the only way to view legacy token status. Other commands, such as `Get-AuthenticationPolicy | Format-Table -Auto Name`, don't return the legacy token status. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds documentation for how to get a list of add-ins using legacy Exchange Online tokens.