Microsoft removes support for basic authentication in Microsoft 365 services, including Exchange Online PowerShell. So if you’re not yet using the Exchange Online PowerShell modern authentication, it’s high time for you to start.
Luckily, this article will show you the different Exchange Online PowerShell modern authentication methods. So stay tuned and keep on reading.
Install the Exchange Online Management v2 Module
To connect to Exchange Online PowerShell using modern authentication, you must first install the Exchange Online Management v2 module. This module supports Windows PowerShell 5.1 and PowerShell 7.0.3 and above.
Since PowerShell 7+ is cross-platform, you may use the EXO v2 module on the following officially supported operating systems:
- Windows 10
- Windows 11
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- macOS 11 Big Sur or later
- macOS 10.15 Catalina
- macOS 10.14 Mojave
The examples in this article will be performed with PowerShell 7.2.5 on Windows 10.
To install the EXO v2 module, open PowerShell as administrator and run the command below:
Install-Module ExchangeOnlineManagement -Scope AllUsers
After the installation, confirm the successful module installation:
Get-Module -ListAvailable ExchangeOnlineManagement
As you can see, the latest EXO v2 module as of this writing is 2.0.5.
Note. On Linux and macOS systems, you’ll need to install an additional module, which is the PSWSMan module. This module installs the forked WSMan client libraries for Linux and macOS.
Install-Module -Name PSWSMan Install-WSMan
Interactive Exchange Online PowerShell Modern Authentication (without MFA)
For organizations and users that do not require multifactor authentication (MFA), the methods to connect to Exchange Online PowerShell using modern authentication are below.
Using Credential Objects
This Exchange Online PowerShell modern authentication method prompts you to enter the username and password manually:
Connect-ExchangeOnline -Credential (Get-Credential) -ShowBanner:$false
On PowerShell 7, the above command will prompt you to enter the credentials inline like on the screenshot below:
On Windows PowerShell 5.1, the behavior is different. You’ll get a pop-up dialog where you need to enter your credentials:
Alternatively, you can first store the credential to a variable by running the Get-Credential cmdlet. And when you execute the Connect-ExchangeOnline cmdlet, you can pass the variable to the -Credential parameter:
$exoCredential = Get-Credential Connect-ExchangeOnline -Credential $exoCredential -ShowBanner:$false
Using Inline Credentials
Specifying the -InlineCredential switch causes PowerShell to prompt you to enter the credentials on the terminal:
Connect-ExchangeOnline -InlineCredential -ShowBanner:$false
This login experience would be similar to the -Credential prompt, as you can see below.
Note. The -InlineCredential does not work on Windows PowerShell 5.1.
Interactive Exchange Online PowerShell Modern Authentication (with MFA)
For administrators whose accounts require MFA, the authentication experience includes logging in using the web browser. The web browser may or may not automatically launch depending on the Exchange Online PowerShell modern authentication you use.
Browser-Based Log In
To connect to Exchange Online PowerShell using modern authentication via the browser-based method, specify the -UserPrincipalName parameter followed by the username:
Connect-ExchangeOnline -UserPrincipalName your_account@domain.onmicrosoft.com
The browser automatically opens the authentication page. You’ll notice that your username is already populated on the login form. Enter your account password and click Sign in to complete the authentication.
If your admin account is MFA-enabled, you’ll get the MFA challenge you must complete:
If the login is successful, you’ll see the confirmation on the web browser, as shown below. Once you do, you can now close the browser and go back to your PowerShell window.
Device Code Log In
If you’re connecting to Exchange Online on a computer without a desktop environment, you obviously cannot open a web browser to perform the authentication. Typically, you’ll be in this situation on a Windows Server Core or Linux Server without a desktop environment.
In this case, you can still connect to Exchange Online PowerShell using modern authentication through the device-based code login. Here’s how it works.
Run the below command in PowerShell to initiate the device login.
Connect-ExchangeOnline -Device -ShowBanner:$false
You’ll see the below message telling you to open a web page on your browser and enter the unique code.
Now, open a web browser on any device and open the URL https://microsoft.com/devicelogin. Once you’ve opened the page, type the unique code into the field and click Next.
Continue the login process by entering your credentials and the MFA challenge (if enabled). You will get a message asking, “Are you trying to sign in to Microsoft Exchange REST API Based PowerShell?”. Click the Continue button.
Finally, you’ll receive the below message confirming that you’ve successfully logged in to Exchange Online PowerShell. At this point, you can now close the browser tab.
That’s it! You can now use modern authentication with the Exchange Online PowerShell module.
- Whitelisting Email Address in Office 365 - 16.08.2022
- How to Rotate Screen in Windows 10 and 11? - 13.08.2022
- How to Remove Weather from Taskbar in Windows 10 and 11? - 13.08.2022