Yes, but to be clear this isn’t an Epicor limitation. Excel is choosing to do their authentication with a hardcoded “Microsoft Only” client ID that you have no control over. If Epicor were to allow that ID to generate valid Epicor tokens then any bumm off the street with access to Excel and Azure could generate a “valid” authentication token that would let them get data out of your system
Granted they’d have to create an Azur ID with your matching email address but still a huge security problem. Excel should allow you (or at least your System ADmins) to set / reset their Client ID to be unique to you and your company then you could use the same as Epicor.