Create a personal authentication mode connection with Microsoft Exchange Online

  • Release version: Australia
  • Updated March 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Create a personal authentication mode connection with Microsoft Exchange Online

    This guide provides administrators with instructions to establish a personal authentication mode connection to Microsoft Exchange Online, facilitating the synchronization of reservations and events with Outlook calendars through user-level authentication tokens.

    Show full answer Show less

    Key Features

    • User-level Authentication: Enables creation, updating, and cancellation of reservations directly linked to the user's Outlook calendar.
    • Subsource Identification: Introduces the snwsdrestapi subsource for distinguishing reservations from the REST API.
    • Handling Upgrade Scenarios: Automatic adjustment of system properties for Strict and Normal modes based on pre-upgrade configurations, with deprecated settings removed from the calendar provider.
    • Reservation Restrictions: Specific limitations apply to blocker, on-behalf, and group reservations when personal authentication mode is enabled.

    Key Outcomes

    By implementing personal authentication mode, organizations can:

    • Synchronize individual reservations seamlessly with Microsoft Outlook.
    • Manage reservations efficiently while adhering to specific restrictions based on user permissions.
    • Enhance calendar synchronization capabilities, improving overall workplace reservation efficiency.

    For effective setup, ensure appropriate configurations in Microsoft Azure and the Microsoft Exchange Online portal, including OAuth connectivity and resource room specifications.

    As an admin, establish a personal authentication mode connection with Microsoft Exchange Online to synchronize reservations. A user-level authentication token is generated that enables you to create, update, or cancel reservations to synchronize events on the Microsoft Outlook calendar.

    Integrations

    System-to-system integrations are used for all actions that aren’t triggered by the user and that must be synchronized with Microsoft Outlook. For all other user-triggered actions, the user's personal token is used.

    Subsources to cater to reservations

    A new Subsource, sn_wsd_rest_api, has been introduced to distinguish the reservations originating from the REST API. This action enables the use of system-to-system credentials to synchronize the reservations with Microsoft Outlook in personal authentication mode.

    Handling upgrade scenarios

    If the Strict mode is enabled for active calendar providers before the upgrade, the system property is automatically set to Strict after the upgrade.

    If the Normal mode is configured for active calendar providers before the upgrade, the system property is automatically set to Normal after the upgrade.

    The Strict Mode check box is no longer displayed in the calendar provider because the corresponding column has been deprecated in the calendar provider. To configure the Strict mode, you must set the system property sn_wsd_rsvsync.sync_integration_mode at instance level.

    Strict mode can now be configured using the system property at the instance level. For more information, see Set Workplace Calendar Synchronization properties.

    Reservation restrictions

    Review the restrictions for creating, updating, or deleting user reservations, as well as for blocker and group reservations, when personal authentication mode is enabled.

    Table 1. Restrictions
    Reservation type Description
    Blocker reservations When Personal mode is enabled, blocker reservations are created in the delegated user's calendar, with the requested for user added as an invitee.

    If the sn_wsd_rsv.blocker_user system property specifies a blocker user, the system creates the reservation in the delegated user's calendar and adds the blocker user as an invitee.
    Onbehalf user reservation The This reservation is for field is not displayed in personal authentication mode. In personal mode, you can't create Onbehalf user reservations because you don’t have access to other user's calendar. However, you can create on-behalf reservations for non-synchronized rooms.
    Group reservations Group reservations aren’t supported in Personal mode for synchronize-enabled rooms, even if the Enable group reservations check box is selected in the reservable module. You can create group reservations for non-synced rooms.
    Create reservation The following restrictions apply when creating reservations from theWorkplace Service Delivery (WSD) portal, Event planner, Quick Reservation, and Now Mobile:
    In Personal mode
    If the requested-for user doesn’t match the session user, the reservation can’t be created.
    Note:
    When the integration mode is Personal Authentication and reservations are created through non-ServiceNow interfaces such as IDEA panels or the Reservation REST APIs, the reservation is created in the Delegated User's mailbox, with the requestor added as an attendee. This behavior is the same as Strict mode.
    In Strict or Normal mode
    Reservations can be created without any restrictions.
    Update or cancel reservation The following restrictions apply when updating or canceling reservations from the WSD portal, Event planner, and Now Mobile:
    In Normal mode
    All reservations can be updated or canceled.
    In Personal authentication mode
    • If the Sync mailbox of the reservation is set to other (a reservation created in the delegated user calendar), the reservation can be updated or canceled in the delegated user calendar.
    • If the Sync mailbox is set to user, the following rules apply:
      • If the reservation is edited or canceled from sources other than WSD Portal, Quick Reservation, WSD Mobile, or Event Planner, it can’t be updated or canceled.
      • If the session user (the person who is updating or canceling the reservation) doesn’t match the requested-for user, the reservation can’t be edited or canceled.
      • If a personal token doesn’t exist for the user updating or canceling the reservation, the reservation can’t be updated or canceled.
      • In all other cases, the reservation can be updated or canceled.
    Note:
    All the above reservations that can’t be updated or canceled appear dimmed in the schedule view of event planner workspace.
    In Strict mode
    Users can only update or cancel a reservation if the Sync mailbox is set to other in Strict mode.