Services
Summary
Important Update: Token Protection Policy for Power Query in Excel may block data import scenarios requiring Azure Active Directory authentication, affecting sources like SharePoint and Microsoft Exchange. Review Conditional Access policies and update documentation. The feature is in Public Preview.
Details
As part of the Microsoft Entra Conditional Access Token Protection feature rollout, we're notifying you of potential impacts to Power Query in Excel. This feature enhances token security but may block certain data import scenarios in Excel when applied.
When this will happen:
This feature is currently available in Public Preview, as outlined in the Microsoft Product Terms.
How this affects your organization:
When Conditional Access Token Protection is applied to a user, Power Query in Excel will block data import or refresh operations from sources that require Azure Active Directory (AAD) authentication. This includes, but is not limited to:
- SharePoint
- Microsoft Exchange
- Other AAD-authenticated sources, depending on the broker configuration
This may affect users who rely on Power Query to connect to organizational data sources.
What you can do to prepare:
Review your Conditional Access policies before enabling Token Protection for users who depend on Power Query in Excel.
Inform your helpdesk and update internal documentation to reflect these changes.
For more information, refer to:
- Microsoft Entra Conditional Access: Token protection (Preview)
- Import data from data sources (Power Query) - Microsoft Support
Compliance considerations:
- Does the change alter how existing customer data is processed, stored, or accessed? Yes
- Does the change modify, interrupt, or disable any of the following capabilities (Purview)? Maybe รขโฌโ depending on how Power Query is used in conjunction with DLP or Information Protection policies