Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for April 2021:
What’s Planned
Users can only create security and Microsoft 365 groups in Azure portal being deprecated
Service category: Group Management
Product capability: Directory
People in your organization will no longer be limited to creating security and Microsoft 365 groups only in the Azure portal. The new setting will allow people to create security groups in the Azure portal, PowerShell, and API. Organizations will be required to verify and update the new setting.
What’s New
External Identities Self-Service Sign Up General availability
Service category: Business to business collaboration (B2B)
Product capability: B2B/B2C
Self-service sign-up for external users is now generally available. With this new feature, external users can now self-service sign up to an application.
Organizations can create customized experiences for these external users, including collecting information during the registration process and allowing external identity providers like Facebook and Google. Organizations can also integrate with third-party cloud providers for various functionalities like identity verification or approval of users.
Azure AD B2C Phone Sign-up and Sign-in using Built-in Policy General availability
Service category: B2C – Consumer Identity Management
Product capability: B2B/B2C
B2C Phone Sign-up and Sign-in using a built-in policy enables administrators and developers of organizations to allow their end-users to sign up and sign in using a phone number in user flows. With this feature, disclaimer links such as privacy policy and terms of use can be customized and shown on the page before the end-user proceeds to receive the one-time passcode via text message.
External Identities Self-Service Sign-up in AAD using Email One-Time Passcode accounts Public Preview
Service category: Business to business collaboration (B2B)
Product capability: B2B/B2C
External users can now use Email One-Time Passcode accounts to sign up or sign in to Azure AD 1st party and line-of-business applications.
New Federated Apps available in Azure AD Application gallery
Service category: Enterprise Apps
Product capability: 3rd Party Integration
In April 2021, Microsoft added the following new applications to the Azure AD App gallery with Federation support:
- Zii Travel Azure AD Connect
- Cerby
- Selflessly
- Apollo CX
- Pedagoo
- Measureup
- Wistec Education
- ProcessUnity
- Cisco Intersight
- Codility
- H5mag
- Check Point Identity Awareness
- Jarvis
- desknet's NEO
- SDS & Chemical Information Management
- Wúru App
- Holmes
- Tide Multi Tenant
- Telenor
- Yooz US
- Mooncamp
- inwise SSO
- Ecolab Digital Solutions
- Taguchi Digital Marketing System
- XpressDox EU Cloud
- EZSSH
- EZSSH Client
- Verto 365
- KPN Grip
- AddressLook
- Cornerstone Single Sign-On
New provisioning connectors in the Azure AD Application Gallery
Service category: App Provisioning
Product capability: 3rd Party Integration
Organizations can now automate creating, updating, and deleting user accounts for these newly integrated apps:
- Bentley – Automatic User Provisioning
- Boxcryptor
- BrowserStack Single Sign-on
- Eletive
- Jostle
- Olfeo SAAS
- Proware
- Segment
What’s Changed
Introducing new versions of page layouts for B2C
Service category: B2C – Consumer Identity Management
Product capability: B2B/B2C
The page layouts for B2C scenarios in Azure AD B2C have been updated to reduce security risks by introducing new versions of jQuery and Handlebars JS.
Updates to Sign-in Diagnostic
Service category: Reporting
Product capability: Monitoring & Reporting
The scenario coverage of the Sign-in Diagnostic tool has increased. With this update, the following event-related scenarios will now be included in the sign-in diagnosis results:
- Enterprise Applications configuration problem events
- Enterprise Applications service provider (application-side) events
- Incorrect credentials events
These results show contextual and relevant details about the event and actions to take to resolve these problems. Also, for scenarios where Microsoft doesn't offer deep contextual diagnostics, Sign-in Diagnostic will present more descriptive content about the error event.
What’s Fixed
Azure AD will no longer double-encode the state parameter in responses
Service category: Authentications
Product capability: User Authentication
Azure AD has identified, tested, and released a fix for a bug in the /authorize response to a client application. Azure AD was incorrectly URL encoding the state parameter twice when sending responses back to the client. This can cause a client application to reject the request, due to a mismatch in state parameters.
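The mismatch described above can be reproduced locally. The following is an added example, not code from Microsoft's release notes: it simulates a redirect whose state value was percent-encoded once or twice and runs the strict comparison a client performs on return. The redirect URI, the function names and the sample state values are assumptions constructed for illustration.

```python
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlsplit

REDIRECT_URI = "https://client.example/callback"  # assumed client redirect URI


def build_redirect(state: str, encode_passes: int) -> str:
    """Simulate the authorization server's redirect back to the client.

    encode_passes=1 is correct behaviour; 2 reproduces the double encoding.
    """
    value = state
    for _ in range(encode_passes):
        value = quote(value, safe="")
    return f"{REDIRECT_URI}?code=constructed-code&state={value}"


def state_matches(redirect_url: str, expected_state: str) -> bool:
    """Client-side check: decode the query once, then compare in constant time."""
    params = parse_qs(urlsplit(redirect_url).query, keep_blank_values=True)
    returned = params.get("state", [""])[0]
    return hmac.compare_digest(returned.encode(), expected_state.encode())


# Constructed state carrying reserved characters (base64-style nonce plus a return path).
FRAGILE_STATE = "nonce=q1+Zx/8=&return=/reports?id=7"
# URL-safe state: only [A-Za-z0-9_-], so percent-encoding never alters it.
ROBUST_STATE = secrets.token_urlsafe(32)

if __name__ == "__main__":
    for label, state in (("fragile", FRAGILE_STATE), ("robust", ROBUST_STATE)):
        for passes in (1, 2):
            ok = state_matches(build_redirect(state, passes), state)
            print(f"{label:8} encode_passes={passes} accepted={ok}")
```

The strict comparison is what protects the callback against cross-site request forgery, so the client keeps rejecting mismatches; an opaque URL-safe state value is unaffected by how many times it is encoded.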