MC1191241: Action Required: Update active Exchange Web Services Applications
Exchange Web Services (EWS) in Exchange Online will be blocked starting October 1, 2026. Organizations must migrate or sunset active EWS applications to Microsoft Graph, Power Platform, or Copilot Declarative Agents. Review apps, enhance security with MFA, and prioritize modernization to avoid se...
In 2018, we announced that we were no longer making feature updates to Exchange Web Services (EWS) in Exchange Online, and we advised developers to move to Microsoft Graph.
In September 2023, we announced that on October 1, 2026, we will start blocking EWS requests to Exchange Online.
We are now less than 12 months from October 1, 2026. We have made progress on closing most parity gaps with more changes in development to be released in the coming quarters. Please refer to Deprecation of Exchange Web Services in Exchange Online for up-to-date guidance and roadmap information.
You are receiving this notification because there are EWS applications in your tenant.
If you haven't already, start the process of working with your application development organization and your application vendors to either sunset or migrate active EWS applications on your tenant to the Graph API, Power Platform, or Copilot Declarative Agents.
The vast majority of custom EWS applications can be safely migrated to alternative technologies today.
[When this will happen:]
October 1, 2026
[How this affects your organization:]
In October 2026 we will begin disabling EWS on all M365 tenants worldwide. EWS Applications that have not been migrated will stop functioning.
The following applications on your tenant use EWS:
Entra Application ID
ea16111d-e259-462a-b0c5-e0b75b45d50d, 291a5523-66bd-4645-b861-ad02fa87071d, 506e08f9-6e9a-4da4-942b-a099a03644ae
Next Steps
- Review your application portfolio now to get an understanding of which apps need to be updated by your organization and which ones require updates from vendors.
- While EWS applications are active on your tenant, lower your risk of a successful attack by reviewing and updating the security practices for your organization. In particular, enable Multi Factor Authentication (MFA) for all users including test accounts.
- Prioritize EWS app modernization on your engineering schedule to ensure enough time to address any functionality gaps
- Disable EWS in your tenant or enable Baseline Security Mode when you no longer have applications that depend on it.
Note on Apple Mail for Mac
Apple Mail for Mac and related applications are some of the most popular EWS applications. We are working closely with Apple to update these applications. In order to run your tenant in the most secure configuration today, users of Apple Mail for Mac would have to switch to an alternative like Outlook for Mac until the applications have been updated.
We provide a set of open-source tools and tutorials to aid in discovery, analysis and AI assisted modernization of EWS applications.
Thank you in advance for taking steps to improve the security posture of your M365 tenant. We are extremely excited about the growing opportunities that the Microsoft 365 platform offers to developers, and we remain fully committed to our journey to empower developers with the best features and tools.