Hi,

We would like to implement Hybrid Modern Authentication (HMA) for our On-premises Exchange server: This is Microsoft's information article on this topic. https://docs.microsoft.com/en-us/power-platform/admin/connect-exchange-server-onprem-hma 

Apparently, HubSpot's email integration for Exchange does *not* support modern authentication (OAuth2-based) when connecting to to Exchange. Implementing this is definitely possbile - HMA for Exchange Web Services is fully supported by MS.

Your documentation (https://knowledge.hubspot.com/email-tracking/connect-your-inbox-to-hubspot) suggests to use an "app password" if 2FA is enabled (same situation as with HMA - normal password won't work), but this is not really an option, since Microsoft's documentation clearly states that app passwords are *not* supported for Azure / MS 365 accounts anymore when using the recommended way of setting up MFA via Conditional Access Policies - see: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-app-passwords

"App passwords don't work with Conditional Access based multi-factor authentication policies and modern authentication."

Password-based authentication is a major risk these days. We really want to properly secure our email infrastructure. As it is, HubSpot is the only 3rd party application currently stopping us from implementing HMA.

Best regards,

JW