For the past two years, Microsoft has been winding down the allowance of Basic authentication for its Exchanges services, and in September, Microsoft announced the altering of the authentication method supported by Exchange Online. As a result, Cisco Unity integrations to Exchange Online (M365) for Unified Messaging will be affected.
Traditionally, applications have connected to servers, services and API endpoints by sending a username and password via every request. Basic authentication is typically enabled by default due to its simplicity of setup. However, this authentication method is now viewed as an outdated industry standard and has become increasingly vulnerable to threats.
End of Microsoft Basic Authentication
On October 1, 2022, Basic authentication will be deprecated. As a result, support will only continue for applications using OAuth-based authentications. How does this affect those who utilize Cisco Unity? Simply put, it means that for any users of Cisco Unity Connection 11.5(1) SU7/12.5(1) SU1 and all older releases, Unified Messaging with Microsoft 365 will cease to work after the deprecation of Basic authentication.
Cisco Unity Connection Must Use OAuth-based Authentication
Cisco has stated that releases 11.5(1)SU8 / 12.5(1)SU2 and all newer versions of Cisco Unity Connection support both OAuth-based and Basic authentication for Microsoft 365:
Microsoft will support both types of authentications until the complete deprecation of Basic authentication. Upon completion of this changeover, users must exclusively utilize OAuth-based authentication.
Therefore, any customer currently using an earlier version of Cisco Unity Connection will need to update their deployment should they wish to continue using Unified Messaging with M365. Upon completing this upgrade, Cisco instructs that system administrators can configure the authentication method via the Unified Messaging Service Configuration page of the Cisco Unity Connection Administration.
Need More Time? What Can You Do?
For any organization that still requires updating its Unity Connection but needs additional time, Microsoft has announced there will be an opportunity to postpone this change. Customers can use self-service diagnostics to re-enable Basic authority for any protocols they need, once per protocol.
This postponement will be allowed between October 1 and December 31, 2022. However, it is critical to note that any protocol exceptions or re-enabled protocols will be turned off during the first week of January 2023, with no possibility of further use.
OneNeck, We’ve Got Your Back
If you have any questions or are unsure your Cisco Unity Connection is ready for OAuth-based authentications, we’re here to help. Talk to one of our experienced team members today, and ensure your Cisco Unity Connection is future-ready.