Microsoft has announced the deprecation of legacy tokens, which is impacting certain Outlook add-ins that depend on them, causing functionality issues.
PhishArm can stop working while reporting an email and you can follow the below steps to implement the solution.
Important Notice: If you enable legacy tokens for Exchange Online now, they will remain active beyond February 2025, when Microsoft enforces their deprecation for all tenants.
However, the option to reactivate legacy tokens will only be available until June 2025. After that, their use will be permanently blocked across all Microsoft 365 tenants.
The following steps must be taken to maintain the functionality of the add-ins.
Steps to Re-enable Legacy Tokens
Establishing a Connection with Exchange Online PowerShell
To run the required commands, you must first establish a connection to Exchange Online PowerShell.
Open Windows PowerShell
Run the following command to import the Exchange Online Management module:
Import-Module ExchangeOnlineManagement
3. Update the module to ensure you are using the latest version:
Update-Module -Name ExchangeOnlineManagement
4. Establish a connection to Exchange Online:
Connect-ExchangeOnline
Sign in with your Microsoft 365 administrator credentials.
Execute the following command to restore legacy token access:
Set-AuthenticationPolicy –AllowLegacyExchangeTokens -Identity "LegacyExchangeTokens"
Please be aware that the change may take up to 24 hours to take effect. Legacy Exchange tokens issued to Outlook add-ins before the blocking was enforced will remain valid until they expire.
Please refer to the video below for the process:
