I have disabled BasicAuth on my tenant. I also have enabled Security Defaults with MFA enforcement.
When I perform Get-OrganizationConfig | fl DefaultAuthenticationPolicy cmdlet and check the policy, all properties regarding basic auth are set to false.
I have acquired an access token for https://outlook.office365.com resource.
Now I am using this token to open a new Powershell session via old Powershell module.
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.of fice365.com/powershell-liveid/?BasicAuthToOAuthConversion=true -Credential $credential -Authentication Basic -AllowRedirection
where $credential is my username along with the access token. It connects perfectly fine and I can invoke any cmdlet.
I cannot grasp why despite Basic Auth being disabled on my tenant, I still can establish a session with "-Authentication Basic". Does this access token approach act as a substitute for Basic Authentication in this case?
Thanks in advance!