Microsoft is making a security change that affects how the SourceWhale Outlook add-in authenticates users.
From February 2025, legacy Exchange Online tokens will be disabled by default for all Microsoft 365 tenants. This means that, unless re-enabled by your Microsoft 365 Administrator, the SourceWhale Outlook add-in may no longer function as expected when trying to retrieve user identity details from Microsoft Exchange Online.
SourceWhale is working on a long-term solution to keep the Outlook add-in running without legacy Exchange tokens. Until then, to continue using the add-in, your Microsoft 365 Administrator must follow the steps in this guide.
How to Re-enable Legacy Exchange Online Tokens
This action must be completed by your Microsoft 365 Administrator. If you are not an admin, please forward this guide to your IT team.
You can watch this video, or follow the steps below (you can also view the Microsoft Guide on this here).
Steps if you are using Windows
Step 1: Open PowerShell and Install Exchange Online Module
Sign into Microsoft 365 as an Administrator
Open PowerShell as an Administrator.
Install the Exchange Online PowerShell module:
Install-Module -Name ExchangeOnlineManagement
Step 2: Install and Import the Exchange Online Module
Run the following command to allow PowerShell scripts to run:
set-executionpolicy unrestricted
Do you want to change the execution policy? Select Yes.
Import the module:
Import-Module -Name ExchangeOnlineManagement
Ensure you have the latest version by running:
Update-Module -Name ExchangeOnlineManagement
Step 3: Connect to Exchange Online
Log in to the Exchange Online server by running:
Connect-ExchangeOnline
Sign in using your Microsoft 365 administrator credentials when prompted.
Step 4: Check the Current Legacy Token Setting
To check whether legacy tokens are currently enabled or disabled, run:
Get-AuthenticationPolicy -AllowLegacyExchangeTokens
If AllowLegacyExchangeTokens is already set to true, there there is nothing to change. You can skip to Step 6.
Step 5: Enable Legacy Exchange Online Tokens
To re-enable legacy tokens for the SourceWhale Outlook add-in, run:
Set-AuthenticationPolicy –AllowLegacyExchangeTokens -Identity "LegacyExchangeTokens"
⚠ Important Notes:
• This change may take up to 24 hours to take effect.
• After June 2025, Microsoft will permanently disable all legacy tokens, meaning this workaround will no longer be available.
Step 6: Reset Execution Policy to Default
After completing the changes, restore the default security setting for PowerShell scripts:
set-executionpolicy restricted
Steps if you are using a Mac
Install Powershell
Download directly from Microsoft and the version that corresponds to the Mac you have:
a) If you don't know which version to install then you can find out if you are using Intel or an Apple Silicon Chip by clicking on the Apple Icon and then About this Mac
b) Look at what's mentioned in the Chip section and download the corresponding version.
2. Go to - System Settings
3. Go to Privacy and Security
4. Scroll down to the Security section and click on Open Anyway
5. Follow the installation steps to install Powershell
6. Open the Terminal.app (In the Application -> Utilities folder)
7. Type pwsh to enable powershell mode and then follow the list of commands.
Follow the steps below by copying and pasting the following commands into the terminal:
Step 1: Install Exchange Online Module
Install the Exchange Online PowerShell module:
Install-Module -Name ExchangeOnlineManagement
Step 2: Import the Exchange Online Module
Import the module:
Import-Module -Name ExchangeOnlineManagement
Ensure you have the latest version by running:
Update-Module -Name ExchangeOnlineManagement
Step 3: Connect to Exchange Online
Log in to the Exchange Online server by running:
Connect-ExchangeOnline
Sign in using your Microsoft 365 administrator credentials when prompted.
Step 4: Check the Current Legacy Token Setting
To check whether legacy tokens are currently enabled or disabled, run:
Get-AuthenticationPolicy -AllowLegacyExchangeTokens
If AllowLegacyExchangeTokens is already set to true, there is nothing to change. Simply quit terminal.
Step 5: Enable Legacy Exchange Online Tokens
To re-enable legacy tokens for the SourceWhale Outlook add-in, run:
Set-AuthenticationPolicy –AllowLegacyExchangeTokens -Identity "LegacyExchangeTokens"
Frequently Asked Questions
What If Legacy Tokens Are Not Enabled?
If your administrator does not enable these tokens, the SourceWhale Outlook add-in may stop working as expected.
How long will this fix work?
Microsoft will allow administrators to enable legacy tokens until June 2025. After that, this method will no longer work, and an alternative authentication method will be required.
Do all SourceWhale users need to do this?
No, only those that are using the Outlook Add-in and only a Microsoft 365 Administrators should make this change, not all users. If you are not an admin, please contact your IT team.
What happens if I do nothing?
The SourceWhale Outlook add-in may lose functionality when trying to retrieve user identity information from Exchange Online and you won't be able to use the add-in.