Modern Authentication configuration requirements for transition from Office 365 dedicated/ITAR to vNext


This article describes configuration requirements for Modern Authentication after a transition from Microsoft Office 365 dedicated/ITAR to vNext, depending on Outlook version.

More Information

The configuration requirements vary, depending on the Outlook version. The following table outlines the requirements and includes links to related articles.

Outlook version Modern auth support EnableADAL reg key required AlwaysUseMSOAuthForAutodiscover reg key required MAPI/HTTP required (remove any blocks currently)
Outlook 2016 Yes No Yes Yes
Outlook 2013 Yes Yes Yes Yes
Outlook 2010 No Not available Not available Not available


Serious problems might occur if you modify the registry incorrectly. Before you modify it, back up the registry for restoration in case problems occur.

Outlook 2010

  • Modern Authentication is not supported.
  • Users use Basic Authentication and may be prompted multiple times for credentials.

Outlook 2013

  • Modern Authentication is not enabled by default.

  • Modern Authentication can be enabled by setting the DWORD value to 1 in the following registry subkeys:



    For more information, see Enable Modern Authentication for Office 2013 on Windows devices.

  • It is recommended that users force Outlook to use Modern Authentication by setting the DWORD value of the following registry key to 1.


Outlook 2016

Skype for Business or Lync 2013

  • Recommend that users enable Modern Authentication after the Skype migration is completed.

  • Recommend that users enable the following registry keys if you use Modern Authentication for Exchange. To do that, set the DWORD value to 1.

    HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\15.0\Lync\ AllowAdalForNonLyncIndependentOfLync

    HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Lync\ AllowAdalForNonLyncIndependentOfLync