Allow additional authentication types for web service delivery endpoints in PI Notifications
Allow for additional authentication types to be added for web service delivery endpoints. Currently, the only available options are Windows, Anonymous, and Basic.
Guest
Sep 10, 2025
Could you please check this Microsoft announcement:
They state that Microsoft will shut it down Basic Authentication for SMTP AUTH in April 2026. Without support for modern authentication methods (e.g., OAuth2 / SASL XOAUTH2), PI System Notifications that uses Office365 will stop working after this deadline.
This is a very popular integration method between PI and ServiceNow, providing OAUTH authentication (or other modern and secure alternatives) is critical considering some cybersecurity teams are not allowing basic authentication in their organizations.
Hi @Kenneth Barber, I have tech support case 00883545 where the customer was hoping to use Bearer authentication for the web service delivery endpoint. The Notifications service would need to request a token from an external token generator and supply it in the authentication headers. This could be useful for communicating with modern REST APIs that require more secure authentication.
Could you please check this Microsoft announcement:
https://techcommunity.microsoft.com/blog/exchange/exchange-online-to-retire-basic-auth-for-client-submission-smtp-auth/4114750
They state that Microsoft will shut it down Basic Authentication for SMTP AUTH in April 2026. Without support for modern authentication methods (e.g., OAuth2 / SASL XOAUTH2), PI System Notifications that uses Office365 will stop working after this deadline.
Secure PI Notifications Email with Modern Authentication (Microsoft Graph/OAuth 2.0) instead of less secure username/password (Basic Authentication)
My company is also requiring OAuth / Bearer authentication for PI Notification API calls.
This is a very popular integration method between PI and ServiceNow, providing OAUTH authentication (or other modern and secure alternatives) is critical considering some cybersecurity teams are not allowing basic authentication in their organizations.
claims based authentication using tokens