Blackbaud Outlook Add-in Changes for 2025

Louise Lawrence · February 25

We have noticed the changes that BB suggest we undertake in light of Microsoft improving security. Have any of you written to BB?

Our Cybersecurity and Infrastructure team are not willing to circumvent Microsoft’s actions to improve security (specifically, disabling Outlook add-ins that utilize legacy authentication tokens).

And it looks like there is no choice from June onwards. We have written to BB, strongly requesting the development of a new Outlook add-in which will work without compromising our organization’s security standing.

Pamela Bird · February 25

@Louise Lawrence thanks for raising this.

John Bird · February 26

Hi @Louise Lawrence - this is a major issue for us. Our IT team are not willing to make the change to the security environment (within a University the subset of RE users is not large enough to justify such an exception). This is an essential feature used by all of our team on a daily basis, so we are really looking to Blackbaud to find a solution.

SmartTHING Developers · February 26

@John Bird @Louise Lawrence We have a paid for solution: SmartOUTLOOK which is a within browser (for NXT) or within your own computer (for DB View) solution that does not require such access. It does not send data beyond your own machine and does not require complex set-up. Let us know if you are interested - support@smartthing.org.

John Bird · February 27

@SmartTHING Developers Thanks for that. Couple of questions - can NXT web view users use this with ‘thick client’ Outlook or does it have to be Outlook web…. and online the price says it is per user. Is that it really per user (we have approx 30-40 users who use this feature)

SmartTHING Developers · February 27

@John Bird We have options for bundles of users, you would not pay the per user price if ordering 10, 20 or 30 user licenses. It works with lots of combinations of Outlook and RE. Outlook Web or Desktop and RE NXT web or DB View.

Donella Robb · February 28

@Louise Lawrence My understanding from Blackbaud's communications and from chatting with BB Support is that Blackbaud is working on a long-term solution, and that the Microsoft change happened sooner than anticipated. The Microsoft change is that the legacy exchange tokens that were turned on by default will be turned off by default. Your IT team may be okay knowing that the temporary solution is/was the current default, and that there is a long-term solution coming that you will be communicating with them later.

Perhaps someone from Blackbaud can post something here when the long-term solution is ready. I know our Fundraisers really like the Outlook Add-Ins, as they save a lot of time for them.

Martin Knowles · March 13

@Louise Lawrence
Looks like Blackbaud have adopted the NAA solution now, so you won't need to use the Outlook legacy tokens anymore. This from Blackbaud:

To enhance the security of this integration and to provide customers with a long-term solution, Blackbaud has enabled nested app authentication (NAA) in the Blackbaud for Outlook Add-in. With this change, customers will no longer need to re-enable legacy Exchange Online tokens.

Action is required for customers:

The customer’s Microsoft 365 (M365) administrator will need to approve the Blackbaud for Outlook Add-In before Microsoft deprecates legacy Exchange Online tokens.
- Note: Microsoft has stated they will begin deprecation of legacy tokens in February 2025 with a final deprecation by June 2025 and controls the exact timing of this change.
Customers can follow the steps outlined in Knowledgebase Article “How do I re-authenticate my Blackbaud for Outlook Add-In?” to complete this task.
Once the Outlook Add-In is approved by their M365 administrator, their Blackbaud for Outlook Add-In users can re-authorize the app's use of SKY API to continue to use the integration.

Blackbaud Outlook Add-in Changes for 2025

Comments

Categories