Let's conclude.
First concern - SMTP & basic authentication
Due to the Deprecation of Basic authentication in Exchange Online, there are concerns about sending emails from Axon Ivy using Microsoft.
In Axon Ivy we currently use SMTP respectively SMTP AUTH to send emails. Therefore, we are NOT affected by the aforementioned deprecation. Microsoft states that SMTP AUTH is not in scope for the disablement, see Basic Authentication Deprecation. One important reason why SMTP is not affected is that it is widely used in printers that cannot be upgraded to modern authentication. So it is still possible to send emails with basic authentication. OAuth is not necessary for this and is currently not supported in Axon Ivy.
Note that it is possible that SMTP AUTH is disabled in your Exchange Online organization. In this case, you will encounter the following exception in ivy.log:
AuthenticationFailedException: Authentication unsuccessful, SmtpClientAuthentication is disabled for the Mailbox. Visit https://aka.ms/smtp_auth_disabled for more information.
To enable SMTP AUTH, follow the instructions provided here Enable or disable authenticated client SMTP submission (SMTP AUTH) in Exchange Online.
Second concern - SMTP & OAuth
Policies force you to stop using basic authentication and switch to OAuth, as mentioned by @mbrueckner.
The OAuth flow appropriate for our use case would be the client credentials flow, which is ideal for background operations without user interaction. This flow is not yet supported by Microsoft for SMTP (Authenticate SMTP connection using OAuth). That's why we stick with basic authentication. But stay tuned, in future we strive to make the email sending implementation extensible.
A side note, regardless of whether OAuth or basic authentication is used, SMTP AUTH must be enabled in Exchange Online.