MC1189663 - Retirement of external access token for actionable messages – moving to Microsoft Entra authentication

Introduction

We’re retiring the use of external access tokens for actionable messages and transitioning to Microsoft Entra-based authentication. This update enhances security and aligns with modern identity standards, providing a more robust and compliant experience for actionable messages.

When this will happen

This change takes effect on March 31, 2026. After this date, external access tokens will no longer be supported.

How this affects your organization

Who is affected:

Organizations using actionable messages that currently rely on external access tokens.

What will happen:

• Actionable messages that depend on external access tokens will fail after March 31, 2026.
• All integrations and workflows using actionable messages must adopt Microsoft Entra authentication.
• This change improves security posture by leveraging Entra’s identity and access management capabilities.

• Review all actionable message implementations in your organization.
• Update integrations to use Microsoft Entra authentication before March 31, 2026.

Learn more:

• Actionable messages in Outlook and Office 365 Groups
• Enable Entra token for Actionable messages

No compliance considerations identified, review as appropriate for your organization.