Microsoft Exchange Online: New fields for Exchange mailbox schema [MC909164]

Microsoft Exchange Online: New fields for Exchange mailbox schema [MC909164]

Message ID: MC909164

Coming soon to Microsoft Exchange Online: A significant rollout that introduces two new subfields under AppAccessContext for improved field consistency and enhanced telemetry in other Exchange APIs:

  • ClientAppId
  • APIId

[When this will happen:]

General Availability (Worldwide): We will begin rolling out late October 2024 and expect to complete by mid-November 2024.

General Availability (GCC, GCC High): We will begin rolling out late November 2024 and expect to complete by late November 2024.

General Availability (DoD): We will begin rolling out early December 2024 and expect to complete by early December 2024.

[How this will affect your organization:]

Before this rollout: The ClientAppId and AppAccessContext fields exist across previous schemas outside of the Microsoft Exchange Web Service (EWS) schema.

After this rollout: The AppAccessContext field, which serves a similar purpose to the ClientAppId field, will be in EWS schema with two new subfields: ClientAppId and APIId. This update is on by default. The ClientAppId field and the ClientAppId subfield under the AppAccessContext field will both be populated more consistently and robustly with a new fallback.

Field definitions

  • AppAccessContext: Used to provide additional information about the application context in which an event or action occurs. This field helps in tracking and auditing purposes by identifying the specific application or service involved in each operation.
    • ClientAppId: The original field used to identify the application that initiated a particular action or event. After this rollout, this subfield will have a new fallback to enhance capabilities.
    • APIId: Used to uniquely identify an API endpoint or service. This subfield is particularly useful in scenarios where admins need to filter or track activities specific to certain APIs, such as the Microsoft Exchange Web Service (EWS).

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout.

After the rollout, we recommend admins review and update your workflows to accommodate both the ClientAppIdand AppAccessContext fields. This will ensure that your operations continue seamlessly and leverage the new features effectively.

Accessing and using the new fields

  1. Navigate to the admin center: Start by logging into the Microsoft 365 admin center.
  2. Access the audit logs: Go to the section where audit logs are managed. This is typically found under the Security & Compliance section or the Microsoft Purview section.
  3. Search for relevant logs: Use the search to filter logs that include the AppAccessContext and ClientAppId fields. You may need to specify the event types or actions that involve these fields.
  4. View and analyze logs: After the logs are filtered, you can view the details, which will include the AppAccessContext and ClientAppId fields. These fields provide additional information about the application context and the client application involved in each operation.

Learn more

Source: Microsoft

Show 1 Comment

1 Comment

  1. Mike Rosoft

    Attention all admins and users! Buckle up because Microsoft Exchange Online is about to get a nifty upgrade that will make your life a little easier and your data a lot more organized. Starting late October 2024, two new subfields will be introduced under the AppAccessContext field: ClientAppId and APIId. This update promises to bring improved field consistency and enhanced telemetry in other Exchange APIs. Now, let’s break it down in a way that even your grandma would understand (no offense to tech-savvy grandmas out there!).

    Before this update, the ClientAppId and AppAccessContext fields were scattered across various schemas outside the Microsoft Exchange Web Service (EWS) schema. It was like trying to find a needle in a haystack, or worse, your car keys in the morning. But fear not! After this rollout, these fields will be neatly tucked into the EWS schema with two shiny new subfields: ClientAppId and APIId. Think of it as a spring cleaning for your data fields.

    So, what do these new subfields do? The AppAccessContext field provides additional information about the application context in which an event or action occurs. It’s like having a backstage pass to see what’s happening behind the scenes. The ClientAppId subfield identifies the application that initiated a particular action or event, and it now comes with a new fallback to enhance its capabilities. Meanwhile, the APIId subfield uniquely identifies an API endpoint or service, making it super useful for admins who need to filter or track activities specific to certain APIs, like the Microsoft Exchange Web Service (EWS).

    Now, you might be wondering, “Do I need to do anything to prepare for this rollout?” The good news is that this update will happen automatically by the specified date, with no admin action required beforehand. It’s like having a self-cleaning oven—set it and forget it! However, after the rollout, we recommend that admins review and update their workflows to accommodate both the ClientAppId and AppAccessContext fields. This will ensure that your operations continue seamlessly and leverage the new features effectively.

    To access and use the new fields, simply navigate to the Microsoft 365 admin center, access the audit logs, search for relevant logs that include the AppAccessContext and ClientAppId fields, and then view and analyze the logs. It’s as easy as pie—or maybe even easier, depending on your baking skills.

    So, what do you think about this update? Will it make your life easier, or do you have some concerns? Share your thoughts in the comments below! Let’s get the conversation started and see how everyone feels about these new changes.

Leave a Reply

Your email address will not be published. Required fields are marked *