Add Get-AuthenticationPolicy switch

samantharamon · samantharamon · commit 511a8d4296dd · 2024-12-11T02:05:16.000-08:00
diff --git a/exchange/exchange-ps/exchange/Get-AuthenticationPolicy.md b/exchange/exchange-ps/exchange/Get-AuthenticationPolicy.md
@@ -21,6 +21,7 @@ For information about the parameter sets in the Syntax section below, see [Excha
 
 ```
 Get-AuthenticationPolicy [[-Identity] <AuthPolicyIdParameter>]
+ [-AllowLegacyExchangeTokens]
  [-TenantId <String>]
  [<CommonParameters>]
 ```
@@ -44,6 +45,13 @@ Get-AuthenticationPolicy -Identity "Engineering Group"
 
 This example returns detailed information for the authentication policy named Engineering Group.
 
+### Example 3
+```powershell
+Get-AuthenticationPolicy -AllowLegacyExchangeTokens
+```
+
+In Exchange Online, this example specifies whether legacy Exchange tokens for Outlook add-ins are allowed in the organization.
+
 ## PARAMETERS
 
 ### -Identity
@@ -66,6 +74,28 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -AllowLegacyExchangeTokens
+This parameter is available only in the cloud-based service.
+
+The AllowLegacyExchangeTokens switch specifies whether legacy Exchange tokens are allowed for Outlook add-ins in your organization. You don't need to specify a value with this switch.
+
+Legacy Exchange tokens include Exchange user identity and callback tokens.
+
+**Important**: Legacy Exchange tokens will eventually be blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: True
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -TenantId
 This parameter is available only in the cloud-based service.
 
diff --git a/exchange/exchange-ps/exchange/Set-AuthenticationPolicy.md b/exchange/exchange-ps/exchange/Set-AuthenticationPolicy.md
@@ -370,6 +370,7 @@ This switch applies to the entire organization. Although the Identity parameter
 **Important**:
 
 - Apart from the Identity parameter, this switch disregards other authentication policy parameters used in the same command. We recommend running separate commands for other authentication policy changes.
+- It might take up to 24 hours for the change to take effect across your entire organization.
 - Legacy Exchange tokens will eventually be blocked by default in all cloud-based organizations. For more information, see [Nested app authentication and Outlook legacy tokens deprecation FAQ](https://learn.microsoft.com/office/dev/add-ins/outlook/faq-nested-app-auth-outlook-legacy-tokens#what-is-the-timeline-for-shutting-down-legacy-exchange-online-tokens).
 
 ```yaml
