Skip to main content

When the calendar suddenly goes silent

· 3 min read
Robert Loipfinger
Robert Loipfinger
Cirlce Lead Platform @ ADITO

Sometimes a previously working integration can stop functioning overnight. For example, a calendar connection that has been running smoothly for months may suddenly fail.
In many cases, the technical connection itself is fine, but the authentication method used to access the service is no longer valid because the provider has changed its requirements.

Situations like this can be avoided by regularly reviewing integrations and keeping track of announcements from connected services. This post explains why that matters and what to do about it.

How Microsoft services are accessed

Our software can connect to Microsoft Azure services such as email, calendars, or the Microsoft Graph API. These connections are server-to-server, meaning they run automatically in the background without direct user interaction.

In addition to Microsoft, other services can be integrated. Depending on the system, different authentication methods are used. This spans from older methods such as Basic Authentication to modern approaches like OAuth flows.

Recent changes in Microsoft authentication

Microsoft is gradually discontinuing older authentication methods. Basic Authentication is already deactivated in many areas. Even within OAuth, requirements are evolving:
With the Application Code Flow, Microsoft increasingly enforces Multi-Factor Authentication (MFA). This is useful for user logins but unsuitable for automated processes. For server-to-server connections, the Client Credentials Flow is generally recommended.

tip

If you are still using Basic Authentication or Application Code Flow without MFA, plan to switch to Client Credentials Flow as soon as possible.

Why changes can cause disruptions

The chosen authentication method depends on the individual system setup. Often, multiple services are involved – each with its own security policies and update schedules.

Unexpected issues may occur when a provider changes its requirements:

  • Calendar access no longer works
  • Automated email retrieval stops
  • APIs return authentication errors

In many cases, the root cause lies in an external change rather than our software.

How to stay prepared

To keep integrations stable:

  1. Review authentication methods: identify and replace outdated ones.
  2. Monitor provider updates: follow announcements and note deadlines.
  3. Test early: implement new methods before old ones are retired.

Our part in the process

We update our integrations as soon as we have confirmed details about upcoming changes.
Since each customer’s environment is configured differently and has its own security requirements, these settings and related provider announcements need to be monitored within the customer’s processes.

Including these checks in regular maintenance routines helps prevent service interruptions and enables us to provide targeted support when adjustments are needed.

./Robert