Modern authentication is a Microsoft umbrella term for a combination of secure authentication and authorization methods between a client and a server. This might include a PC or a phone.
- Authentication methods: Multi-factor authentication (MFA); smart card authentication; client certificate-based authentication
- Authorization methods: Microsoft’s implementation of Open Authorization (OAuth)
- Conditional access policies: Mobile Application Management (MAM) and Azure Active Directory Conditional Access
Modern authentication is on by default in the following:
- Exchange Online
- Microsoft Teams
- Skype for Business Online
- SharePoint Online (for new tenants)
For tenants created before August 1, 2017, modern authentication is off by default for Exchange Online and Skype for Business Online.
Modern Authentication with Microsoft Teams Rooms
When using modern authentication with the Microsoft Teams Rooms application, Active Directory Authentication Library (ADAL) and OAuth 2.0 connects to Microsoft Teams, Exchange, and Skype for Business.
Modern Authentication support is available in MTR version 126.96.36.199 which will roll out to all customers within this month. Release notes here
Microsoft Teams Rooms are shared devices. They self perform a nightly reboot to ensure smooth functioning and to get a critical operating system, driver, firmware, or application updates.
Therefore, Microsoft Teams Rooms resource accounts shouldn’t be configured to use multi-factor authentication (MFA), smart card authentication, or client certificate-based authentication (which are all available for end-users).
This mechanism uses the resource owner password credentials authorization grant type in OAuth 2.0, which doesn’t require any user intervention.
Full details: Authentication in Microsoft Teams Rooms
Microsoft Teams Rooms and Intune
You can also enroll Microsoft Teams Rooms in Microsoft Intune and apply compliance policies by using the guidance provided in Managing Teams Meeting Rooms with Intune.