Could your company face serious risks from the new Microsoft API changes you cannot afford to overlook?
Microsoft is updating how new applications interact with Exchange Online and Teams to enhance security. These changes, announced in the Microsoft 365 Message Center, require administrator approval for third-party apps that need to access your organization’s data. This policy is designed to give you greater control and protect sensitive information by default.
The change specifically targets new app permissions. Any apps you have previously approved will not be affected and will continue to function as they do now. The updates will begin rolling out in late October 2025 and continue through November 2025.
Key Actions and Details
- Administrator Consent Required: All new third-party applications will need explicit administrator consent before they can access content within Exchange Online and Teams.
- Increased Security: This update helps prevent unauthorized data access by ensuring administrators review and approve all new app integrations.
- No Impact on Existing Apps: Apps that have already been granted consent will not be impacted by this change.
- Recommended Steps: It is advisable to review your current third-party app permissions and establish a clear workflow for handling new consent requests from users.