Favorite your Message Center and Roadmap items. Access them anytime via your Profile. Export and share with your team or your LLM.

(Updated) Retirement of external access token for actionable messages – moving to Microsoft Entra authentication

Message ID
MC1189663
View in Message Center
Service
Microsoft 365 apps
Category
Plan for Change
Tags
Major Change Admin impactRetirement
Act By
March 30, 2026
Rollout
May 2026

Summary

External access tokens for actionable messages will be retired on May 15, 2026, requiring organizations to switch to Microsoft Entra authentication. This change enhances security and affects all integrations using actionable messages with external tokens, which will fail after the deadline. Organizations should update their implementations accordingly.

Details

Updated March 24, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We’re retiring the use of external access tokens for actionable messages and transitioning to Microsoft Entra-based authentication. This update enhances security and aligns with modern identity standards, providing a more robust and compliant experience for actionable messages.

[When this will happen]

This change takes effect on May 15, 2026. After this date, external access tokens will no longer be supported.

[How this affects your organization]

Who is affected:

Organizations using actionable messages that currently rely on external access tokens.

What will happen:

  • Actionable messages that depend on external access tokens will fail after May 15, 2026.
  • All integrations and workflows using actionable messages must adopt Microsoft Entra authentication.
  • This change improves security posture by leveraging Entra’s identity and access management capabilities.
[What you can do to prepare]
  • Review all actionable message implementations in your organization.
  • Update integrations to use Microsoft Entra authentication before May 15, 2026.

Learn more:

[Compliance considerations]

No compliance considerations identified, review as appropriate for your organization.

Change History

Show
Published: November 25, 2025
Last Updated: March 24, 2026
March 24, 2026 at 4:30 PM Updated
Title
Previous
Retirement of external access token for actionable messages – moving to Microsoft Entra authentication
New
(Updated) Retirement of external access token for actionable messages – moving to Microsoft Entra authentication
Summary
Previous
External access tokens for actionable messages will be retired by March 31, 2026, requiring organizations to switch to Microsoft Entra authentication. This change enhances security and compliance. Organizations should review and update their actionable message integrations before the deadline to avoid failures.
New
External access tokens for actionable messages will be retired on May 15, 2026, requiring organizations to switch to Microsoft Entra authentication. This change enhances security and affects all integrations using actionable messages with external tokens, which will fail after the deadline. Organizations should update their implementations accordingly.
Last Updated Date
Previous
2025-11-25T00:06:04.353Z
New
2026-03-24T16:15:49.247Z
Tags
Previous
Admin impact,Retirement
New
Updated message,Admin impact,Retirement
Body Content
Previous

[Introduction]

We’re retiring the use of external access tokens for actionable messages and transitioning to Microsoft Entra-based authentication. This update enhances security and aligns with modern identity standards, providing a more robust and compliant experience for actionable messages.

[When this will happen]

This change takes effect on March 31, 2026. After this date, external access tokens will no longer be supported.

[How this affects your organization]

Who is affected:

Organizations using actionable messages that currently rely on external access tokens.

What will happen:

  • Actionable messages that depend on external access tokens will fail after March 31, 2026.
  • All integrations and workflows using actionable messages must adopt Microsoft Entra authentication.
  • This change improves security posture by leveraging Entra’s identity and access management capabilities.
[What you can do to prepare]
  • Review all actionable message implementations in your organization.
  • Update integrations to use Microsoft Entra authentication before March 31, 2026.

Learn more:

[Compliance considerations]

No compliance considerations identified, review as appropriate for your organization.

New

Updated March 24, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

We’re retiring the use of external access tokens for actionable messages and transitioning to Microsoft Entra-based authentication. This update enhances security and aligns with modern identity standards, providing a more robust and compliant experience for actionable messages.

[When this will happen]

This change takes effect on May 15, 2026. After this date, external access tokens will no longer be supported.

[How this affects your organization]

Who is affected:

Organizations using actionable messages that currently rely on external access tokens.

What will happen:

  • Actionable messages that depend on external access tokens will fail after May 15, 2026.
  • All integrations and workflows using actionable messages must adopt Microsoft Entra authentication.
  • This change improves security posture by leveraging Entra’s identity and access management capabilities.
[What you can do to prepare]
  • Review all actionable message implementations in your organization.
  • Update integrations to use Microsoft Entra authentication before May 15, 2026.

Learn more:

[Compliance considerations]

No compliance considerations identified, review as appropriate for your organization.

Never Miss a Microsoft 365 Update

Join thousands of IT professionals who rely on DeltaPulse for real-time Microsoft 365 change intelligence, automated notifications, and community insights.

Explore Dashboard Sign Up Free