Microsoft has announced a move to OAuth for certain users connecting applications to Microsoft’s email servers. While this announcement was subsequently clarified to exclude SMTP AUTH – we think it is still a good idea to upgrade to Sage 100 version 2021.x or 2022.x for maximum compatibility.
Microsoft announced a change to certain email sign-on security with new OAuth requirements (Originally effective beginning 10/1/2022 though subsequently amended as per information below). A requirement to use TLS 1.2 to reach Sage licensing servers goes into effect later in 2023 (September 2023) and this will potentially impact any Sage 100 system without TLS 1.2 capabilities – effectively ay Sage 100 version earlier than 2019.4.
Update 9-26-2022: Microsoft has clarified that SMTP AUTH will not be shut down and if you are using SMTP AUTH and/or are able to enable use on your Microsoft account then this should continue to work for you past the original October 1, 2022 deadline. Read the Microsoft 9/9/2022 blog post and read the Sage September 16, 2022 OAuth Update (pdf) for more details.
Microsoft continues to recommend adopting the more secure OAuth authentication method. We recommend for maximum compatibility all users of Sage 100 should continue to remain within the two most recent versions of Sage 100 – presently Sage 100 2021 and Sage 100 2022.
For a more detailed explanation of the Microsoft OAuth changes please see – Deprecation of Basic authentication in Exchange Online
In each case the easiest resolution is to be on a supported version of Sage 100. If you are on the latest product update for Sage 100 version 2021 or 2022 then you shouldn’t need to take further action.
Sage 100 OAuth and TLS 1.2 Required Due Dates
On October 1, 2022, Microsoft® will disable Basic Authentication for email services and will require the use of Modern Authentication for Microsoft Exchange Server and Office 365. (Update: Please see Microsoft blog post dated 9-9-2022 which states that SMTP AUTH will remain accessible past 10-1-2022)
Sage KB 115141: How to connect Sage 100 to Gmail using OAuth 2.0
Any Sage 100 site using Basic Authentication with Microsoft email services will experience interruptions with their Sage 100 in-product email services. To avoid related issues, Sage 100 customers should upgrade to at least:
- Sage 100 2020.6
- Sage 100 2021.4
- Sage 100 2022.1
Sage 100 Advanced/Premium also should download this required patch.
Recommendation: Upgrade to the latest release of Sage 100 2020.6, 2021.4 or 2022.x where x is the latest product update.
Read – September 13, 2022 Sage FAQ on OAuth here
Sage FAQ on TLS 1.2
Effective September 2023, Sage servers will stop accepting communication from Sage 100 and Sage 300 product versions using Transport Layer Security (TLS) 1.0 and 1.1.
TLS is a security protocol that creates encryption paths over computer networks to help ensure that online communications and information cannot be intercepted. Regulatory standards have increasingly required the adoption of TLS 1.2 and the subsequent deprecation of TLS 1.0 and 1.1 due to known security risks.
Any customer using a subscription version of Sage 100 a version earlier than 2019.4 will require an upgrade to their Sage 100 to prevent a disruption in the use of their software.
If a Sage 100 user does not upgrade their software by September 2023, they will begin receiving warning messages when accessing Sage 100 due to the inability to communicate with Sage servers. The software will revert to read-only mode and restrict access.
Recommendation: Upgrade to Sage 100 2021.x or 2022.x although Sage’s website indicates that 2019.4+ is the minimum release compatible with the TLS changes.
- Sage Production Management enhancements
- Simplified role security capabilities
- Automation in reversing an entire accounts payable (AP) check run
Check back with us periodically for the latest updates to these two important changes.