Public Preview - Passkey authentication in brokered Microsoft apps on Android
October 2024 Update
Public Preview - Passkey authentication in brokered Microsoft apps on Android
Type: New feature
Service category: Authentications (Logins)
Product capability: User Authentication
Microsoft Entra ID users can now use a passkey to sign into Microsoft apps on Android devices where an authentication broker like Microsoft Authenticator, or Microsoft Intune Company Portal, is installed. For more information, see: Support for FIDO2 authentication with Microsoft Entra ID.
Public Preview Refresh - Passkeys in Microsoft Authenticator
Type: New feature
Service category: Microsoft Authenticator App
Product capability: User Authentication
Public preview of passkeys in the Microsoft Authenticator will now support additional features. Admins can now require attestation during registration of a passkey, and Android native apps now supports signing in with passkeys in the Authenticator. Additionally, users are now prompted to sign in to the Authenticator app to register a passkey when initiating the flow from MySignIns. The Authenticator app passkey registration wizard walks the user through meeting all the prerequisites within the context of the app before attempting registration. Download the latest version of the Authenticator app and give us feedback as you pilot these changes in your organization. For more information, see: Enable passkeys in Microsoft Authenticator (preview).
Public Preview - Authentication methods migration wizard
Type: New feature
Service category: MFA
Product capability: User Authentication
The authentication methods migration guide (preview) in the Microsoft Entra admin center lets you automatically migrate method management from the legacy MFA and SSPR policies to the converged authentication methods policy. In 2023, it was announced that the ability to manage authentication methods in the legacy MFA and SSPR policies would be retired in September 2025. Until now, organizations had to manually migrate methods themselves by leveraging the migration toggle in the converged policy. Now, you can migrate in just a few selections by using the migration guide. The guide evaluates what your organization currently has enabled in both legacy policies, and generates a recommended converged policy configuration for you to review and edit as needed. From there, simply confirm the configuration and we set it up for you and mark your migration as complete. For more information, see: How to migrate MFA and SSPR policy settings to the Authentication methods policy for Microsoft Entra ID.
General availability- SMS as an MFA method in Microsoft Entra External ID
Type: New feature
Service category: B2C - Consumer Identity Management
Product capability: B2B/B2C
Announcing general availability of SMS as an MFA method in Microsoft Entra External ID with built-in telecom fraud protection through integrations with the Phone Reputation Platform.
What's new?
- SMS sign-in experience that maintains the look and feel of the application users are accessing.
- SMS is an add-on feature. We'll apply an additional charge per SMS sent to the user which will include the built-in fraud protection services.
- Built-in fraud protection against telephony fraud through our integration with the Phone Reputation platform. This platform processes telephony activity in real-time and returns an "Allow", "Block" or "Challenge" based on risk and a series of heuristics.