Re: Microsoft Office 365 Reporting Add-on for Splu... - Page 2

lac_kango · ‎02-12-2020

Hello,

I found a blog about microsoft retiring basic authentication for Exchange Online on October 13, 2020.

https://developer.microsoft.com/en-us/office/blogs/end-of-support-for-basic-authentication-access-to...

If this app uses basic authentication, the request will fail after October 13, 2020.

I think this app uses basic authentication. Is there any way this app can use other authentication methods than basic authentication?

splunk version : 7.3.1
app version : 1.1.0

Thanks!

Andyp55 · ‎08-26-2022

Just an FYI for those that haven't seen but the Splunkbase app got updated for Modern Authentication

rayar · ‎08-28-2022

Do you know if its planned to use lower permissions ?

jconger · ‎08-29-2022

The originally required permissions were either Global Administrator or Exchange Administrator. However, Microsoft has changed that to now allow the Global Reader role.

jconger · ‎05-18-2022

We are in touch with Microsoft, and we are waiting on an updated API. According to this document, the Reporting Web Services (the service this add-on uses) will have OAuth support by the end of May 2022. We will update the add-on to work with Modern authentication when it is implemented in the API.

Raphy · ‎06-30-2022

Have you received feedbacks from Microsoft on OAuth support ?
Thank you.

dfranco · ‎07-26-2022

From (Updated) OAuth interface for Office 365 Reporting web service MC318316:

Key points

Timing: Rollout will begin in early May (previously mid-March) and is expected to be complete by mid-July (previously late May).
We are ending July, did you received any update from Microsoft ?

jconger · ‎07-26-2022

Yes, we have draft documentation from Microsoft for programmatic OAuth access to the Reporting Web Services API. I've tested this in my internal lab and it works! The add-on coding is happing as I type this message...

jconger · ‎08-01-2022

Version 2.x is out and supports modern authentication (OAuth)!

https://splunkbase.splunk.com/app/3720/

mik3y · ‎08-01-2022

Thanks @jconger The update is working well.

My only issue was getting server 500 from reports.office365.com when stipulating a 30 day window to sync.

I was able to get it going by not specifying a start date/time.

dfranco · ‎07-28-2022

Great ! Thank you very much 👏👏👏

rayar · ‎07-26-2022

Do you mean May 2023 ?

Raphy · ‎07-25-2022

Hello @jconger ,

According to this blog post from Microsoft Office from june 30th :
https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-oauth-2-0-client-credentials-fl...

It should be possible from now to retrieve Email data from Exchange Online through Oauth by using an Application permission instead of an user permission.

jconger · ‎07-25-2022

Hi Raphy,

Thanks for the reference to the Microsoft article. That article details how to use OAuth with IMAP, POP, and SMTP with Exchange Online. The API this add-on uses is different - it is called the Reporting Web Service. But, I do have some good news. We received draft documentation from Microsoft for OAuth with the Reporting Web Service, and coding is currently underway to get this add-on updated.

siemple99 · ‎03-17-2022

Thank you

rayar · ‎06-12-2022

Hi

How you are going to handle the integration till the new ADD-On is released ?

Microsoft retiring basic authentication for ExchangeOnline, is there a way app can use other authentication methods?

troubleshooting

upgrade

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

Alerting Best Practices: How to Create Good Detectors

Discover Powerful New Features in Splunk Cloud Platform: Enhanced Analytics, ...