Target
- Customers using Microsoft 365
- Customers using Access Control
Purpose
- This explains how to check whether Basic Authentication (Legacy Authentication) of Microsoft 365 (Azure Active Directory) is being used from Access Control or Microsoft 365.
Notes
- The content related to Access Control in this article is based on the product specifications as of December 2025 and may change without notice thereafter.
- The content of this article is based on Microsoft's product specifications as of November 2021.
It may change without notice due to updates or specification changes thereafter. - This procedure is confirmed using a Microsoft 365 administrator account.
Table of Contents
Procedure
When using Access Control
-
Access the [Log Management] - [Access Logs] from the Access Control Administration.
-
Adjust the Search Period from the search bar at the top right of the screen, select [Login Type] - [WS-Trust] from [Filters], and click [Search].
- Showing results will be displayed.
Detailed Procedure Explanation
Procedure
- Sign in to the Microsoft Azure portal with your Microsoft 365 administrator account.
-
Click on the portal menu on the top left.
- Click on [Microsoft Enter ID].
- When the Microsoft Azure screen appears, click on [Sign-in logs] in the [Monitoring] section on the left side menu.
-
When the sign-in logs are displayed, select [Client app] from [Add a filter], and click [Apply].
-
[Columns] will appear at the top, click on it, check [Client app], and scroll down to click [Save].
-
Click on [Client app: Not applied], and check the items in the [Legacy authentication clients] section.
The clients that can be set as basic authentication (legacy authentication) clients include:
・Exchange ActiveSync
・Exchange Online Powershell
・Exchange Web Services
・IMAP
・MAPI over HTTP
・Outlook Anywhere (RPC over HTTP)
・SMTP
・Online Address Book
・POP (Post Office Protocol)
・Universal Outlook
・Reporting Web Services
・Other clients
・Automatic Detection