Table of Contents
Summary
- Transitioning from external access tokens to Microsoft Entra-based authentication for actionable messages.
- Actionable messages relying on external access tokens will fail after the transition.
- All workflows using actionable messages must be updated to use Microsoft Entra authentication.
- This change enhances security and complies with modern identity standards.
- Organizations should review and update their actionable message implementations before the transition.
Admin Impact; High
User Impact: Low
Release Start: 31 Mar 2026
Release End: 31 Mar 2026
Services: M365 Apps
Category: Plan for change
Tags: Admin Action, Retirement
History
11/25/2025 Item Added to Message Center
Microsoft Message
Introduction
We’re retiring the use of external access tokens for actionable messages and transitioning to Microsoft Entra-based authentication. This update enhances security and aligns with modern identity standards, providing a more robust and compliant experience for actionable messages.
When this will happen
This change takes effect on March 31, 2026. After this date, external access tokens will no longer be supported.
How this affects your organization
Who is affected:
Organizations using actionable messages that currently rely on external access tokens.
What will happen:
- Actionable messages that depend on external access tokens will fail after March 31, 2026.
- All integrations and workflows using actionable messages must adopt Microsoft Entra authentication.
- This change improves security posture by leveraging Entra’s identity and access management capabilities.
What you can do to prepare
Review all actionable message implementations in your organization.
Update integrations to use Microsoft Entra authentication before March 31, 2026.
Learn more:
- Actionable messages in Outlook and Office 365 Groups
- Enable Entra token for Actionable messages
Compliance considerations
No compliance considerations identified, review as appropriate for your organization.