I am trying to understand how authentication in MAPI/HTTP protocol works. I read through the documents that "protocol supports basic authentication scheme, NT LAN Manager (NTLM) Authentication Protocol, and Negotiate" Ref MS-OXCMAPIHTTP#1.7.

So I have setup an Outlook365 account. While debugging (TLS session) I do see that server always asks for "WWW-Authenticate: Basic Realm=". I did understand how does that work. But I fail to see any reference of NTLM or Negotiate. The document(s) does not provide any examples of either.

Online search is almost always fruitless about this topic. 

I would appreciate some pointers or s'more documents or examples.

Thank You

VR

Hi,

NTLM is an authentication protocol used on networks that include systems running the Windows operating system and on stand-alone systems. NTLM credentials are based on data obtained during the interactive logon process and consist of a domain name, a user name, and a one-way hash of the user's password. NTLM uses an encrypted challenge/response protocol to authenticate a user without sending the user's password over the wire. Instead, the system requesting authentication must perform a calculation that proves it has access to the secured NTLM credentials.

For more information about Microsoft NTLM, please refer to the below article:

https://msdn.microsoft.com/en-us/library/aa378749%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396

Additionally, as what Vasil said, the Basic authentication is still used for proxy server for Exchange Online. If you still have any question about the authentication in Exchange Online, please ask a question in Exchange Online forum for more help:

https://social.technet.microsoft.com/Forums/msonline/en-US/home?forum=onlineservicesexchange

Regards,