Changes to SendGrid Authentication



Please review the changes below. If your team does not take corrective action, your web application will no longer be able to send outgoing emails

SendGrid will soon be implementing an upcoming security improvement related to the authentication process for all current accounts. This change will happen on April 17th, 2019.

What is SendGrid addressing?

Today, customers with 2FA (2-Factor Authentication) enabled can utilize basic authentication over the SendGrid v2 API, v3 API, or SMTP. 2FA increases account security by requiring authentication beyond a simple username and password; SendGrid’s 2FA is set up via SMS or through the Authy app. Basic authentication (authenticating with a username and password alone) is a less secure method of authenticating APIs. We have identified this as a misalignment between customers’ expectations of security with 2FA and the authentication options permitted on their SendGrid accounts.


What exactly is SendGrid changing?

In order to uphold your account security, we will no longer accept basic authentication through the API or SMTP for users who have 2FA enabled. Starting April 17th, 2019, calls to SendGrid’s v2 API, v3 API, or SMTP using basic authentication for users with 2FA enabled will be rejected with error: invalid authentication method - declined because you are using basic authentication with 2FA enabled. to fix, update to using an API key or disable 2FA and switch to using IP Access Management for security.

Identifying if YOU are affected

You can find out if you/your team is affected by this by viewing your web.config in Settings and searching for ''. If this is in your web.config, there will be changes that need to done by your team. 

Example snippet:

<network host="" userName="" password="xxxxxxx" port="xxx" />

What are the next steps if affected?

In order to avoid rejection errors from this change we recommend you modify your API and SMTP calls using basic authentication.

There are two options your team will have in regards to these changes. The key difference in these options is whether or not your team is using Basic or API Key (recommended) authentication. You can more information on the differences between the two in this help article below: 

OPTION 1: Sign up for your own SendGrid account

You can sign up for your own SendGrid account with the link below:

This option will not require any major changes to your code. After you have signed up for SendGrid, simply replace the current username and password that you are currently using to the credentials that you had just signed up with. This option will work only if you do not have 2-Factor Authentication enabled. 

OPTION 2: Request a new API key from Agility (recommended)

This option will require an update to your code so that it will use the new API Key that Agility will provide. 

You can request an API Key from Agility with the link below: 


Once requested, we will verify your account and then send you the new API Key to update your codebase with. 

Below is a link to some code samples on how to implement this new API Key: 


Below is a Code Sample: 

using SendGrid;
using SendGrid.Helpers.Mail;
using System;
using System.Threading.Tasks;

namespace Example
    internal class Example
        private static void Main()

        static async Task Execute()
            var apiKey = Environment.GetEnvironmentVariable("NAME_OF_THE_ENVIRONMENT_VARIABLE_FOR_YOUR_SENDGRID_KEY");
            var client = new SendGridClient(apiKey);
            var from = new EmailAddress("", "Example User");
            var subject = "Sending with SendGrid is Fun";
            var to = new EmailAddress("", "Example User");
            var plainTextContent = "and easy to do anywhere, even with C#";
            var htmlContent = "<strong>and easy to do anywhere, even with C#</strong>";
            var msg = MailHelper.CreateSingleEmail(from, to, subject, plainTextContent, htmlContent);
            var response = await client.SendEmailAsync(msg);


1 out of 3 found this helpful



Please sign in to leave a comment.