Microsoft 365 Enterprise Application Authentication
Veeam News, Tuesday, August 1,2023
Over the last several years, Microsoft has worked on APIs and authentication methods to help organizations mitigate security concerns around compromised credentials. These advances include Azure Vault, MFA, Ephemeral accounts, enterprise applications and more.
In many security best practices, the goal is to migrate away from using username and password authentication for automated process and application access using APIs. This also becomes a constraint when rolling out MFA in an organization because the user must be present for the application authentication. A bridge in this scenario was the addition of app passcodes that could be used with user accounts to authenticate, but this still came with potential security concerns. Enterprise applications have now become the better method for this problem, allowing a dedicated application in Azure to be scoped in with the proper API permissions. Read on to learn about the benefits of enterprise applications, the benefits of using app-only authentication methods and what changes will need to be made when Microsoft deprecates access to basic authentication (username and password) access method later this year.