May 2024 Updates and New Features
May 2024
General Availability - Azure China now supports My sign-ins and MFA/SSPR Combined Registration
Type: Changed feature
Service category: MFA
Product capability: Identity Security & Protection
Starting end of June 2024, all organizations utilizing Microsoft Azure in China (operated by 21Vianet) will now have access to My Sign-ins activity reporting, and will be required to use the combined security information registration end-user experience for MFA and SSPR. As result of enablement users will now see a unified SSPR and MFA registration experience when prompted to register for SSPR or MFA.
General Availability - $select in signIn API
Type: New feature
Service category: MS Graph
Product capability: Monitoring & Reporting
The long-awaited $select has been implemented into the signIn API. Utilize the $select to reduce the number of attributes that are returned for each log. This should greatly help customers who deal with throttling issues, and allow every customer to run faster, more efficient queries.
General Availability - Multiple Passwordless Phone Sign-ins for Android Devices
Type: New feature
Service category: Authentications (Logins)
Product capability: User Authentication
End users can now enable passwordless phone sign-in for multiple accounts in the Authenticator App on any supported Android device. Consultants, students, and others with multiple accounts in Microsoft Entra can add each account to Microsoft Authenticator and use passwordless phone sign-in for all of them from the same Android device. The Microsoft Entra accounts can be in the same tenant or different tenants. Guest accounts aren't supported for multiple account sign-ins from one device.
Public Preview - Bicep templates support for Microsoft Graph
Type: New feature
Service category: MS Graph
Product capability: Developer Experience
The Microsoft Graph Bicep extension brings declarative infrastructure-as-code (IaC) capabilities to Microsoft Graph resources. It allows you to author, deploy, and manage core Microsoft Entra ID resources using Bicep template files, alongside Azure resources.
Existing Azure customers can now use familiar tools to deploy Azure resources and the Microsoft Entra resources they depend on, such as applications and service principals, IaC and DevOps practices.
It also opens the door for existing Microsoft Entra customers to use Bicep templates and IaC practices to deploy and manage their tenant's Entra resources.
Public Preview - Platform Single Sign-on for macOS with Microsoft Entra ID
Type: New feature
Service category: Authentications (Logins)
Product capability: User Authentication
Today we’re announcing that Platform SSO for macOS is available in public preview with Microsoft Entra ID. Platform SSO is an enhancement to the Microsoft Enterprise SSO plug-in for Apple Devices that makes usage and management of Mac devices more seamless and secure than ever. At the start of public preview, Platform SSO works with Microsoft Intune. Other Mobile Device Management (MDM) providers are coming soon. Contact your MDM provider for more information on support and availability.
Public Preview - Workflow History Insights in Lifecycle Workflows
Type: New feature
Service category: Lifecycle Workflows
Product capability: Identity Lifecycle Management
Customers can now monitor workflow health, and get insights throughout all their workflows in Lifecycle Workflows including viewing workflow processing data across workflows, tasks, and workflow categories.
Public Preview - Configure Lifecycle Workflow Scope Using Custom Security Attributes
Type: New feature
Service category: Lifecycle Workflows
Product capability: Identity Lifecycle Management
Customers can now apply their confidential HR data stored in custom security attributes in addition to other attributes to define the scope of their workflows in Lifecycle Workflows for automating joiner, mover, and leaver scenarios.
Public Preview - Enable, Disable and Delete synchronized users accounts with Lifecycle Workflows
Type: New feature
Service category: Lifecycle Workflows
Product capability: Identity Lifecycle Management
Lifecycle Workflows can now enable, disable, and delete user accounts that are synchronized from Active Directory Domain Services (AD DS) to Microsoft Entra. This allows you to ensure that the offboarding processes of your employees are completed by deleting the user account after a retention period.
Public Preview - External authentication methods for multifactor authentication
Type: New feature
Service category: MFA
Product capability: User Authentication
External authentication methods enable you to use your preferred multifactor authentication (MFA) solution with Microsoft Entra ID.
General Availability - LastSuccessfulSignIn
Type: Changed feature
Service category: MS Graph
Product capability: Monitoring & Reporting
Due to popular demand and increased confidence in the stability of the properties, we've added LastSuccessfulSignIn & LastSuccessfulSigninDateTime into V1. Feel free to take dependencies on these properties in your production environments now.
General Availability - Changing default accepted token version for new applications
Type: Plan for change
Service category: Other
Product capability: Developer Experience
Starting August 2024, new Microsoft Entra applications created using any interface (including the Microsoft Entra admin center, Azure portal, Powershell/CLI, or the Microsoft Graph application API) will have the default value of the 'requestedAccessTokenVersion' property in the app registration set to '2'; this is a change from the previous default of 'null' (meaning '1'). This means that new resource applications receive v2 access tokens instead of v1 by default. This improves the security of apps.
General Availability - Windows Account extension is now Microsoft Single Sign On
Type: Changed feature
Service category: Authentications (Logins)
Product capability: SSO
The Windows Account extension is now the Microsoft Single Sign On extension in docs and Chrome store. The Windows Account extension is updated to represent the new macOS compatibility. It's now known as the Microsoft Single Sign On extension for Chrome, offering single sign-on and device identity features with the Enterprise SSO plug-in for Apple devices. This is just a name change for the extension, there are no software changes to the extension itself.
General Availability - New provisioning connectors in the Microsoft Entra Application Gallery - May 2024
Type: New feature
Service category: App Provisioning
Product capability: 3rd Party Integration
We've added the following new applications in our App gallery with Provisioning support. You can now automate creating, updating, and deleting of user accounts for these newly integrated apps:
- ClearView Trade