is MAPI legacy authentication?

[wUEZRs]

The document lists MAPI in the first portion as a legacy protocol that can't enforce MFA. However in the articles linked from this page MAPI is mentioned as the preferred option for Outlook that can do MFA and modern authentication. I don't think MAPI is part of the "CA Legacy protocol block" so this is incorrect information?

In this linked article one can read: Outlook Anywhere (formerly known as RPC over HTTP) has been deprecated in Exchange Online in favor of MAPI over HTTP. Outlook for Windows uses MAPI over HTTP, EWS, and OAB to access mail, set free/busy and out of office, and download the Offline Address Book. All of these protocols support Modern authentication.

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: ad5f26dc-2f8f-ef76-3d20-a0a42d2bbada
• Version Independent ID: a0e971d1-05f2-2c21-06d4-60c087d45c0a
• Content: Block legacy authentication - Azure Active Directory - Microsoft Entra
• Content Source: articles/active-directory/conditional-access/block-legacy-authentication.md
• Service: active-directory
• Sub-service: conditional-access
• GitHub Login: @MicrosoftGuyJFlo
• Microsoft Alias: joflore

[ManoharLakkoju-MSFT]

@wUEZRs Thanks for your feedback! We will investigate and update as appropriate.

[MicrosoftGuyJFlo]

There is a legacy and modern option for MAPI as mentioned in the article you linked to... https://docs.microsoft.com/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#pop-imap-and-smtp-auth

#please-close