What’s New in Azure Active Directory for February 2019

AzureADBanner[4]

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following new and changed functionality for Azure Active Directory for February 2019:

 

What’s New

Configurable Azure AD SAML token encryption Public preview

Service category: Enterprise Apps
Product capability: SSO

Admins can now configure any supported Security Assertion Markup Language (SAML)-based app to receive encrypted tokens. When configured and used with an app, Azure AD encrypts the emitted SAML assertions using a public key obtained from a certificate stored in Azure AD.

 

Create an access review for groups or apps

Service category: Access Reviews
Product capability: Governance

Admins can now include multiple groups or apps in a single Azure AD access review for group membership or app assignment. Access reviews with multiple groups or apps are set up using the same settings and all included reviewers are notified at the same time.

 

New Federated Apps available in Azure AD app gallery

Service category: Enterprise Apps
Product capability: 3rd Party Integration

In January 2019, Microsoft has added these 27 new apps with Federation support to the app gallery:

 

Choose specific page element versions provided by Azure AD B2C

Service category: B2C – Consumer Identity Management
Product capability: B2B/B2C

Admins can now choose a specific version of the page elements provided by Azure AD B2C. By selecting a specific version, admins can test their updates before they appear on a page and can get predictable behavior. Additionally, admins can now opt in to enforce specific page versions to allow JavaScript customizations. To turn this feature on, go to the Properties page in the user flows (previously known as: built-in policies).

 

Configurable end-user password requirements for B2C

Service category: B2C – Consumer Identity Management
Product capability: B2B/B2C

Admins can now specifically set up their organization’s password complexity for end-users, instead of having to use their native Azure AD password policy. From the Properties blade of the user flows (previously known as: built-in policies), admins can choose a password complexity of Simple or Strong, or you can create a Custom set of requirements.

 

New default templates for custom branded authentication experiences

Service category: B2C – Consumer Identity Management
Product capability: B2B/B2C

Admins can use the new default templates, located on the Page layouts blade of the user flows (previously known as: built-in policies), to create a custom branded authentication experience for users.

 

What’s Changed

Enhanced combined MFA/SSPR registration

Service category: Self-service Password Reset
Product capability: User Authentication

In response to customer feedback, Microsoft has enhanced the combined Multi-factor Authentication (MFA) and Self-service Password Reset (SSPR) registration preview experience, helping users to more quickly register their security info for both MFA and SSPR.

Over the next few weeks, Microsoft will be removing the ability for admins to turn on the old combined MFA/SSPR registration preview experience for tenants that don’t already have it turned on.

Regardless of whether admins have previously turned on the old combined MFA/SSPR registration preview experience for users or not, the old experience will be turned off at a future date. Because of that, Microsoft strongly suggests that admins move to the new, enhanced experience as soon as possible.

 

Updated policy management experience for user flows

Service category: B2C – Consumer Identity Management
Product capability: B2B/B2C

Microsoft has updated the policy creation and management process for user flows (previously known as: built-in policies) easier. This new experience is now the default for all Azure AD tenants.

Admins can provide additional feedback and suggestions by using the smile or frown icons in the Send us feedback area at the top of the portal screen.

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.