Microsoft has announced the retirement of Basic Authentication for SMTP (SMTP AUTH) in Exchange Online—an important change that will impact many applications, devices, and on‑premises systems that rely on Basic Auth to send email.
Originally scheduled for retirement in early 2026, Microsoft published an updated deprecation timeline on January 27, 2026, giving organizations additional time to transition to modern authentication.
Here is the official statement from Microsoft:
“We understand that many customers continue to face real challenges modernizing legacy email workflows and need sufficient time to adopt viable, secure alternatives. Based on customer feedback and visibility into adoption progress, we are refining the Exchange Online SMTP AUTH Basic Authentication Deprecation timeline to provide clearer milestones and additional runway."
These updates are intended to give customers with tenants in our service (all cloud environments) more time to plan, validate, and deploy modern authentication alternatives, while maintaining a clear path toward stronger default security.”
Source: https://techcommunity.microsoft.com/blog/exchange/updated-exchange-online-smtp-auth-basic-authentication-deprecation-timeline/4489835
This change may affect Business Central, NAV, and other on‑prem applications, as well as multifunction devices and scanners that still rely on SMTP Basic Auth.
Below is a breakdown of what to expect and how to prepare.
If your Business Central SaaS environment uses SMTP email accounts with Basic Auth, those accounts must be migrated to OAuth before March 1, 2026, to avoid disruptions.
Not affected
If you are using:
Current User email accounts
Shared Mailbox email accounts
These two options can also replace SMTP/OAuth email setups and are preferred configurations.
These already support modern authentication and are not impacted by the Basic Auth retirement.
Business Central On-Prem versions 18 through 27+ support SMTP with OAuth using an Azure App Registration.
To prepare:Not affected
Environments that exclusively use:
Older versions of Business Central and Microsoft NAV only support SMTP Basic Authentication, which means they cannot authenticate directly via OAuth.
However, there are several alternative options:
1. SMTP Relay through Microsoft 365 (Recommended for many on‑prem customers)
2. Direct Send via Microsoft 365
3. Azure Communication Services (ACS)
Microsoft provides an SMTP compatible service through ACS that uses modern auth.
4. Use a third‑party email service
Many external providers (e.g., SendGrid) will continue to support SMTP submissions with Basic Auth or offer API‑based alternatives.
5. Use an on‑prem SMTP relay
This can include:
Printers, copiers, scanners, and older applications often use SMTP Basic Auth for:
Many vendors have already released firmware updates to support OAuth or other modern auth methods—check with your device provider before the cutoff date.
With Microsoft’s updated retirement timeline, organizations now have additional flexibility:
However — Basic Auth is still going away, and planning should continue.
Whether you’re running Business Central SaaS, Business Central On‑Prem, older BC versions, or NAV, transitioning to OAuth or a supported relay method ensures uninterrupted email workflows and alignment with Microsoft’s security standards.