| Summary: Microsoft 365 no longer allows legacy TLS 1.0 and TLS 1.1 for these services. DocuShare environments using Microsoft 365 SMTP OAuth for outbound mail or IMAP OAuth for inbound mail are not affected when they are operating with TLS 1.2 or later, which is the verified DocuShare configuration path for these features. |
Overview
Microsoft 365 has retired older TLS protocols for mail-related services. As a result, any application that still depends on TLS 1.0 or TLS 1.1 for Microsoft 365 connectivity must be updated to use TLS 1.2 or later.
DocuShare SMTP OAuth and IMAP OAuth are already verified on TLS 1.2 and higher. If your DocuShare environment is configured for these OAuth-based Microsoft 365 connections, this specific Microsoft 365 protocol change does not require a separate DocuShare workaround.
What This Means for DocuShare
| Feature | Customer Guidance |
| SMTP OAuth | Used for outbound email such as notifications and subscriptions. This configuration path is not affected by Microsoft 365 retirement of TLS 1.0 and 1.1 when DocuShare is running with TLS 1.2 or later. |
| IMAP OAuth | Used for inbound email retrieval such as Email Agent processing. This configuration path is not affected by Microsoft 365 retirement of TLS 1.0 and 1.1 when DocuShare is running with TLS 1.2 or later. |
Who Should Review This Article
- Customers using Microsoft 365 SMTP OAuth for DocuShare notifications or subscription emails.
- Customers using Microsoft 365 IMAP OAuth for DocuShare Email Agent processing.
- Administrators reviewing Microsoft 365 notices about legacy TLS retirement and checking whether DocuShare is impacted.
Supported Example Environments
The following example environments reflect verified DocuShare paths using TLS 1.2 or later:
- Windows Server 2016 with DocuShare 7.5 and the latest applicable patch
- Windows Server 2019 with DocuShare 7.6 and the latest applicable patch
- Windows Server 2022 with DocuShare 7.7 and the latest applicable patch
- Windows Server 2025 with DocuShare 8.0
What Customers Should Do
- If you already use Microsoft 365 SMTP OAuth or IMAP OAuth in DocuShare and the service is working normally, no special action is required for this Microsoft 365 TLS retirement notice alone.
- Continue to keep your DocuShare server and its applicable maintenance level current for your release line.
- If you are planning a new Microsoft 365 email integration, use the DocuShare OAuth configuration path rather than older non-OAuth methods where Microsoft 365 requirements no longer permit them.
What to Check if Email Stops Working
If your environment is not sending or retrieving mail after a Microsoft 365 change, review the following items before opening a support request:
- Confirm that the environment is using the Microsoft 365 OAuth configuration path, not an older basic-authentication or unsupported legacy setup.
- Confirm that the DocuShare server can negotiate TLS 1.2 or later to the Microsoft 365 endpoint.
- Review any recent operating system, Java, certificate, proxy, firewall, or Microsoft 365 tenant policy changes that may affect outbound or inbound mail connectivity.
- Verify that the Microsoft 365 application registration, client credentials, tenant settings, and mailbox permissions are still valid.
Related Setup Paths
Use the appropriate DocuShare setup article for the feature you are configuring:
- Microsoft 365 SMTP OAuth for outbound email such as notifications and subscriptions
- Microsoft 365 IMAP OAuth for inbound email retrieval such as Email Agent processing
| Customer Note: This article is a service-impact advisory, not a full setup guide. If you are actively configuring Microsoft 365 OAuth in DocuShare, follow the corresponding SMTP OAuth or IMAP OAuth setup procedure for your feature. |
Conclusion
For DocuShare environments using Microsoft 365 SMTP OAuth or IMAP OAuth, Microsoft 365 retirement of TLS 1.0 and TLS 1.1 does not introduce a separate compatibility issue when the environment is already operating on the verified TLS 1.2-or-later path. Customers who experience email issues after a broader infrastructure or tenant change should review their OAuth configuration and transport settings before escalating to support.