Subscribe to New Sugar Enterprise Updates
Additional Options
Recent Sugar Enterprise Updates

[ACTION REQUIRED] Security Release 25.1.2 and 14.0.3 Microsoft Exchange Online Updates

Club Concierge
6 minute read time

Read this important post if you use Microsoft Exchange as your email provider for outbound emails in Sugar. 

Microsoft has announced that support for basic authentication with SMTP Authentication will be removed beginning March 2026. In preparation for this change, SugarCRM has moved away from SMTP Auth and will support OAuth 2.0 authentication with Exchange Online starting with the 25.1.2 and 14.0.3 releases.

Sugar customers who use Exchange Online for their outbound email in Sugar must update their Microsoft Azure application and reauthorize the system email settings after upgrading to version 25.1.2 or 14.0.3. Once the system email settings have been updated, any users in Sugar using Exchange Online will also need to update their email settings.

The following sections explain the steps that must be performed to update your outbound email settings and avoid any disruption to your outbound emails from Sugar

Update Your Microsoft Azure Application 

Before you can update the system email settings for your Microsoft Exchange mail account in Sugar, you must first update the API permissions in your Microsoft Azure application as follows:

  1. Navigate to the Microsoft Azure portal in your web browser.
  2. Sign in using the Microsoft account that was used to create the application.
  3. On the Microsoft Azure homepage, click the View button under “Manage Microsoft Entra ID”.
    Azure Homepage Screenshot
  4. Click “Manage” on the left tree menu and select “App registrations”. Select the application that was previously created for Sugar.
    Portal App Registrations Screenshot
  5. On the left tree menu, click “Manage”, select “API permissions”, then click the “+ Add a permission” button.
  6. Click the Microsoft Graph option in the new window that appears, then click “Delegated permissions”, and do the following:
    • Select “Mail.Send” under the Mail permission.
    • Click the Add permissions button.
      Requst API Permissions Screenshot

Reauthorize Your System Email Settings in Sugar

Once the API permissions have been updated in Microsoft Azure, you can reauthorize your Microsoft Exchange mail account in Sugar:

  1. Log in to Sugar as an administrator and navigate to Admin > System Email Settings.
  2. Under the Exchange Online email provider, click the Authorize button to authorize the desired Microsoft Exchange mail account. Ensure that the mail account is authorized successfully.
    Sugar System Email Settings
  3. Click "Send Test Email", enter an email address, then send the test.
    • If you receive the email, click "Save" on the System Email Settings page.
    • If you do not receive the email, please check the following:
      • The “From Address” on the System Email Settings page must be an address that the authorized account is allowed to send as. You cannot send emails using a different address than the email address associated with the account you are authenticating unless the organization's Exchange admin has configured the account to allow this. You can try entering the authorized email address in the From Address field and then send the test email again.
      • Verify that your Microsoft Azure application is configured correctly.
      • View the Sugar log in Admin > System Settings to check for any errors with the test email.

Reauthorize the User’s Email Settings in Sugar

For any users in your system that use Exchange Online, they will need to update their email settings under their user profile in Sugar. This step is only necessary if the “Allow users to use this account for outgoing email” option is disabled in Admin > System Email Settings.

The affected Sugar users must perform the following steps to reauthorize their email settings:

  1. Log in to your Sugar account.
  2. Click your profile icon on the upper right, then select your name/email to view your user profile.
  3. Click the Edit button, and in the email settings section, click “Authorize”.
    Sugar User Email Settings
  4. Click "Send Test Email", enter an email address, then send the test.
    • If you receive the email, click "Save" on the user profile page.
    • If you do not receive the email, there may be an issue with your email address in Sugar not being a valid “From” address for the authorized email account. Check with your Microsoft account administrator to verify the send-as permissions for your account on the Microsoft side.

Reauthorize the Outgoing Email Account in Sugar

Any outgoing email accounts using Exchange Online must be reauthorized in Emails > Email Settings. For shared email accounts, the user that created the outgoing email account must reauthorize the Exchange Online email account.

Perform the following steps to reauthorize the Exchange Online email accounts in Sugar:

  1. Log in to your Sugar account.
    Note: This must be the user that created the outgoing email account.
  2. Navigate to the Emails module and select "Email Settings" from the module tab.
  3. Select the email account that uses Exchange Online as the email provider.
  4. Click “Edit”, then click the Authorize button.
  5. Once the email account is authorized successfully, click “Save”.

Please feel free to contact SugarCRM support with any additional questions.