Microsoft Exchange Online | SMTP onboarding to App RBAC
IDWorkloadCategoryClassificationSeverityStart TimeLast Updated
MC1158911Exchange Online
Microsoft 365 suite		Stay InformedNew feature
User impact
Admin impact		normal24-Sep-2025 18:5324-Sep-2025 18:53

Update: 24-Sep-2025 18:53

Introduction
We're simplifying how organizations grant applications permission to send email on behalf of mailboxes. Today, customers must manually assign permissions to each individual mailbox using PowerShell, which is time-consuming and inefficient. With this new capability, admins can assign the SMTP.SendAsApp role to an app through App Role-Based Access Control (RBAC), enabling group-based or scoped access to mailboxes. This simplifies onboarding for SMTP clients using OAuth and provides a scalable, secure, and modern approach to managing mailbox access.
This message is associated with Microsoft 365 Roadmap ID 498356.

When this will happen:
  • General Availability (Worldwide): We will begin rolling out early November 2025 and expect to complete by late November 2025.


How this affects your organization:
Who is affected:

  • Admins managing SMTP AUTH clients using OAuth in Exchange Online.
What will happen:
  • Admins can assign the SMTP.SendAsApp role to applications via App RBAC.
  • This enables group-based or scoped access to mailboxes.
  • Eliminates the need for per-mailbox permission assignments.
  • Streamlines onboarding for SMTP clients using OAuth.
  • No changes to end-user experience.

What you can do to prepare:


Compliance considerations:
No compliance considerations identified, review as appropriate for your organization.