barscaret-downcaret-leftcaret-rightcaret-upcheckchevron-leftchevron-rightfile-pdfinfosign-in-altsignin text-widthtimesyoutube

iOS > Device Data & Configuration

Enabling OAuth on Mail for Exchange for iOS

Updated on November 3rd, 2022

Microsoft has announced that they will remove the basic authentication in Exchange Online for most email connection protocols by the end of the year 2022. This means that authentication with username and password is not supported anymore and OAuth authentication should be used instead. This modern authentication is more secure and allows the use of two-factor authentication which the basic one doesn't.

You can enable OAuth on Mail for Exchange with the configuration profile in Miradore. This article points out some things to take into consideration to successfully enable OAuth authentication for the organization's iOS devices. The article includes also information about the user experience after the configuration is deployed to the devices.

Important information

  • OAuth is supported for devices running iOS 12.0 or above.
  • When you enable the OAuth for the Mail for Exchange configuration in Miradore (Management > Configuration profiles), the user-specific password is ignored even if it is set for a user (Company > Users).
  • When you modify the existing configuration with OAuth, test the configuration by deploying it to one or two devices before installing it for all the devices.

Viewing the status of the configuration deployment

After creating the OAuth configuration for Mail for Exchange and testing it, you can deploy it for the selected devices with Miradore. You can view the status of the deployment from the Action log (Management > Action log).

Configuration profile deployment status

What happens on the device after the configuration is deployed

After the OAuth configuration is deployed to the device, the user needs to enter the password of the Exchange account.

OAuht on Mail for Exchange enter the password

When pressing Edit Settings user can enter the password.

 

Sign in to the Exchange account

Once the user has entered the correct account details to sign in, their native Exchange account will start syncing email.

In case the MFA is in use, the user must verify the identity using the authenticator application, such as Microsoft Authenticator.

verify your identity for the Exchange account

Troubleshooting

  • If users are not prompted with the Enter the password for the Exchange account, users can open Settings > Mail > Accounts > the Exchange account and press the Re-enter Password.

Miradore - re enter password for mail for exchange in ios e1667207058778

  • To prevent problems when deploying the re-configured Mail for Exchange profile, remove the configuration profile without OAuth if it has been deployed to the iOS devices earlier.

Device page removing configuration profile

  • In a case there are no emails on the Mail app:
    • Make sure the iOS device has passcode set.
    • The Mail app's Shared mailbox -view might be empty when the user opens it for the first time. Going back to the Main account and then opening the Mail for Exchange account's Inbox, the messages should be visible there. Now, the Shared Inbox should also show the messages.

missing mails on shared inbox Mail for Exchange

Exchange mail app Mailboxes

  • This field is for validation purposes and should be left unchanged.

Previous Article:
«

Next Article:
»