We have been trying to get information from our Monday representative and support but they have all been radio silent for almost a month on changes microsoft is instituting around service accounts. On April 1 Microsoft is making a change to require MFA for all accounts that authenticate.
We have a service account setup currently to handle broad communications from my organization, so some emails come from a "organization” email instead of an individual. Unfortunately this will no longer be an option due to the MFA requirement. We are trying to switch to an entra service principal however I’m not sure if that will work, and Monday is not giving us guidance.
Has anyone else figured out an alternative method to send organization emails instead of from an individual in automations and workflows?
Hi @rbradford_UNC First off, welcome back to the community! It’s been a while, and I’m sorry to hear that you’ve been hitting a wall getting the guidance you need - especially with that April 1st Microsoft deadline fast approaching.
The shift toward mandatory MFA for all accounts is definitely throwing a wrench into many service account workflows. While I can’t speak for the internal product roadmap regarding Entra service principal support, I know some users have tackled the “org-wide email” hurdle by using a Shared Mailbox. Since these don’t have their own credentials but are accessed via licensed users, they sometimes offer a workaround, though the Outlook Integration usually expects a direct O365 auth.
I’d be more than happy to open a support ticket for you if you dm your account URL!
This is a great point, and many organizations are facing the same challenge ahead of the April 1st Microsoft MFA deadline. The Shared Mailbox workaround mentioned above is worth exploring, as it allows org-wide emails without individual credentials — though Monday’s Outlook integration may need direct O365 authentication, which complicates things.
Another option worth considering is using Monday’s native email automation combined with a distribution group or alias connected to a licensed user account that supports MFA. This way, emails still appear to come from an organizational address while remaining fully compliant with Microsoft’s new requirements.
Switching to an Entra service principal is the long-term solution, but until Monday.com officially confirms support for it, it may be risky to depend on solely. It would be great if Monday’s product team could provide an official statement on their roadmap for service principal support — especially given how close the deadline is. Hoping for a resolution soon!
Yeah, this is something you’ll want to loop your IT/M365 admin team in on ASAP.
We ran into this as well. Once the policy changes started rolling out, it broke all new Outlook integrations, while existing ones kept working since they were already authenticated.
This is less a monday issue and more about how your org has:
Your IT team should be able to:
-
guide you on shared mailbox or delegated access setup
-
confirm what’s allowed under your tenant policies
-
help align with Microsoft’s new requirements
Definitely don’t try to solve this in isolation, it’s very tied to your org’s M365 configuration.