The End of Basic Authentication: OAuth 2.0

Microsoft 365, Google Workspace and other cloud providers are taking steps to direct their users towards more secure forms of authentication. A logical step when you read that in 2022 84% of companies had an identity-related leak in the past 12 months.

Basic Authentication, often in the form of a Username & Password, will soon become a thing of the past and will become ‘Modern Authentication’. For example, MFA (Multi Factor Authentication) and secure tokens such as OAuth 2.0 over secure channels such as HTTPS. Resulting in fewer brute force login attempts, mis/reuse of passwords and phishing/social engineering of login data.

Dovetail OAuth2 & InboundEmail component

Modern authentication image news itemImplementation of OAuth 2.0 has always been possible within Dovetail, however it required multiple flows due to the operation of the protocol. In order to meet the increasing demand for ‘Modern Authentication’ and especially to simplify the implementation, we have developed our own component for this. In addition, the InboundEmail component has been extended with the possibility to use an access token to authenticate with OAuth 2.0.

The OAuth2 and the custom InboundEmail component will be available in version 4.13.0.

What does this mean for me?

If your flows use Microsoft 365 services, the deadline is October 1, from that moment Microsoft will automatically start migrating its services to ‘Modern Authentication’. There is an option to postpone the transition of your system until January 2023. This article from Microsoft describes the steps you need to take if you want to do this.

If you do want to be ready for Modern Authentication on October 1, it is important that you check the flows and make the necessary adjustments. Check the API documentation of your linked endpoints for more information.

Until now we haven’t seen any deadlines for Google Workspace and other cloud providers. However, we advise you to make the necessary adjustments to your flow(s) as soon as the OAuth 2 and custom InboundEmail component become available.


Related resources

Monitoring & reporting

Monitoring and reporting is of the essence to e...

Why integration made easy?

It is the premise we work on because integratio...

Expansion Dovetail health check API

Determining the required hosting capacity depen...

New release Dovetail 4.13 and Dovetail Academy

An update on the new or amended features in the...