expansion of WhatsApp as an MFA one-time passcode delivery channel for Entra ID

November 2024

General Availability - Microsoft Entra Connect Sync Version 2.4.27.0
Type: Changed feature
Service category: Provisioning
Product capability: Identity Governance

• On November 14, 2025, we released Microsoft Entra Connect Sync Version 2.4.27.0 that uses the OLE DB version 18.7.4 that further hardens our service. Upgrade to this latest version of connect sync to improve your security.

Public Preview - Microsoft Entra new store for certificate-based authentication
Type: New feature
Service category: Authentications (Logins)
Product capability: User Authentication

• Microsoft Entra ID has a new scalable PKI (Public Key Infrastructure) based CA (Certificate Authorities) store with higher limits for the number of CAs and the size of each CA file. PKI based CA store allows CAs within each different PKI to be in its own container object allowing administrators to move away from one flat list of CAs to more efficient PKI container based CAs. PKI-based CA store now supports up to 250CAs, 8KB size for each CA and also supports issuers hints attribute for each CA. Administrators can also upload the entire PKI and all the CAs using the "Upload CBA PKI" feature or create a PKI container and upload CAs individually.

Changed feature - expansion of WhatsApp as an MFA one-time passcode delivery channel for Entra ID
Type: Changed feature
Service category: MFA
Product capability: User Authentication

• In late 2023, Entra started leveraging WhatsApp as an alternate channel to deliver multifactor authentication (MFA) one-time passcodes to users in India and Indonesia. We saw improved deliverability, completion rates, and satisfaction when leveraging the channel in both countries. The channel was temporarily disabled in India in early 2024. Starting early December 2024, we will be re-enabling the channel in India, and expanding its use to additional countries.
• Starting December 2024, users in India, and other countries can start receiving MFA text messages via WhatsApp. Only users that are enabled to receive MFA text messages as an authentication method, and already have WhatsApp on their phone, will get this experience. If a user with WhatsApp on their device is unreachable or doesn’t have internet connectivity, we will quickly fall back to the regular SMS channel. In addition, users receiving OTPs via WhatsApp for the first time will be notified of the change in behavior via SMS text message.
• If you don’t want your users to receive MFA text messages through WhatsApp, you can disable text messages as an authentication method in your organization or scope it down to only be enabled for a subset of users. Please note that we highly encourage organizations move to using more modern, secure methods like Microsoft Authenticator and passkeys in favor of telecom and messaging app methods.

Public Preview - Updating profile photo in MyAccount
Type: New feature
Service category: My Profile/Account
Product capability: End User Experiences

• On November 13, 2024, users received the ability to update their profile photo directly from their MyAccount portal. This change exposes a new edit button on the profile photo section of the user’s account.
• In some environments, it’s necessary to prevent users from making this change. Global Administrators can manage this using a tenant-wide policy with Microsoft Graph API, following the guidance in the Manage user profile photo settings in Microsoft 365 document.

Retirement - MFA Fraud Alert will be retired on March 1st 2025
Type: Deprecated
Service category: MFA
Product capability: Identity Security & Protection

• Microsoft Entra multifactor authentication (MFA) fraud alert allows end users to report MFA voice calls, and Microsoft Authenticator push requests, they didn't initiate as fraudulent. Beginning March 1, 2025, MFA Fraud Alert will be retired in favor of the replacement feature Report Suspicious Activity which allows end users to report fraudulent requests, and is also integrated with Identity Protection for more comprehensive coverage and remediation. To ensure users can continue reporting fraudulent MFA requests, organizations should migrate to using Report Suspicious Activity, and review how reported activity is remediated based on their Microsoft Entra licensing. For more information, see: Configure Microsoft Entra multifactor authentication settings.

Public Preview - Microsoft Entra Health Monitoring, Alerts Feature
Type: Changed feature
Service category: Other
Product capability: Monitoring & Reporting

• Intelligent alerts in Microsoft Entra health monitoring notify tenant admins, and security engineers, whenever a monitored scenario breaks from its typical pattern. Microsoft Entra's alerting capability watches the low-latency health signals of each scenario, and fires a notification in the event of an anomaly. The set of alert-ready health signals and scenarios will grow over time. This alerts feature is now available in Microsoft Entra Health as an API-only public preview release (UX release is scheduled for February 2025). For more information, see: How to use Microsoft Entra Health monitoring alerts (preview).

General Availability - Microsoft Entra Health Monitoring, Health Metrics Feature
Type: New feature
Service category: Reporting
Product capability: Monitoring & Reporting

• Microsoft Entra health monitoring, available from the Health pane, includes a set of low-latency pre-computed health metrics that can be used to monitor the health of critical user scenarios in your tenant. The first set of health scenarios includes MFA, CA-compliant devices, CA-managed devices, and SAML authentications. This set of monitor scenarios will grow over time. These health metrics are now released as general availability data streams, in conjunction with the public preview of an intelligent alerting capability. For more information

General Availability - Log analytics sign-in logs schema is in parity with MSGraph schema
Type: Plan for change
Service category: Authentications (Logins)
Product capability: Monitoring & Reporting

• To maintain consistency in our core logging principles, we've addressed a legacy parity issue where the Azure Log Analytics sign-in logs schema did not align with the MSGraph sign-in logs schema. The updates include fields such as ClientCredentialType, CreatedDateTime, ManagedServiceIdentity, NetworkLocationDetails, tokenProtectionStatus, SessionID, among others. These changes will take effect in the first week of December 2024.
• We believe this enhancement will provide a more consistent logging experience. As always, you can perform pre-ingestion transformations to remove any unwanted data from your Azure Log Analytics storage workspaces. For guidance on how to perform these transformations, see: Data collection transformations in Azure Monitor.

Deprecated - MIM hybrid reporting agent
Type: Deprecated
Service category: Microsoft Identity Manager
Product capability: Monitoring & Reporting

• The hybrid reporting agent, used to send a MIM Service event log to Microsoft Entra to surface in password reset and self-service group management reports, is deprecated. The recommended replacement is to use Azure Arc to send the event logs to Azure Monitor. For more information, see: Microsoft Identity Manager 2016 reporting with Azure Monitor.