Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
In 2018, we announced that Exchange Web Services (EWS) will no longer receive functionality updates. In 2023, we announced that EWS will be disabled in Exchange Online in October 2026.
The Midnight Blizzard security incident in January 2024 involved EWS and elevated the urgency of the EWS deprecation effort. The scope was also widened from third party applications to include all Microsoft applications. We're working diligently to remove EWS dependencies in all Microsoft products. For example:
- Microsoft Outlook
- Microsoft Office
- Microsoft Teams
- Microsoft Dynamics 365
This work accelerated the need to close parity gaps between EWS and Microsoft Graph for many scenarios. Other efforts are underway in the following scenarios:
- Close the remaining parity gaps that affect specific scenarios for third party applications.
- Provide guidance for alternative solutions.
To learn if your third party applications use EWS, see this article.
Many application scenarios are already supported with direct mappings between EWS operations and Graph APIs.
To move your organization to a stronger security posture, we recommend identifying your active EWS applications and starting their migration now.
Roadmap for parity gaps
There are a few major EWS features areas that the Microsoft Graph API doesn't fully support. The priority of work to close these feature gaps is described in the following list:
- Import and export of mailboxes (except Microsoft 365 Groups and public folder mailboxes).
- Import and export of public folders|In development.
- Import and export of Microsoft 365 Groups.
- Archive.
- Event delta for recurring events.
- User configuration.
- Dynamic distribution groups.
- Administration APIs
EWS deprecation timeline
- July 2018: EWS deprecation announced.
- 2023: EWS disablement date set to 10/2026.
- January 2024: Midnight Blizzard security incident.
- Upcoming:
- Fill parity gaps to support migration for Microsoft and third party applications.
- Remove EWS dependencies from Microsoft applications.
- Allow admins to manually disable EWS at the organization and user levels.
- October 2026: EWS disabled globally for all organizations.
Call To Action
Don't wait for all parity gaps to be closed. You can be proactive by doing the following steps:
- Investigate the EWS footprint of all internal and third party applications in your organization.
- Work with your security and executive teams to prioritize EWS deprecation for internal applications.
- Identify applications and components you can migrate now and start the implementation.
- Work with your vendors to prioritize their migration from EWS.