What's New in Azure Active Directory for March 2022

Azure Active Directory

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for March 2022:

What’s Planned

Tenant enablement of combined security information registration

Service category: Multi-factor authentication (MFA)
Product capability: Identity Security & Protection

In April 2022, Microsoft announced the General Availability of the combined registration experience, enabling users to register security information for multi-factor authentication and self-service password reset at the same time. Since then, the feature has been available for organizations to opt in.

The combined security information registration experience will be enabled for all Azure AD tenants that have not yet enabled it after September 30th, 2022. This change does not impact tenants created after August 15th, 2020, or tenants located in the China region.

What’s New

Azure AD Recommendations Public Preview

Service category: Reporting
Product capability: Monitoring & Reporting

Azure AD Recommendations are now in public preview. This feature on the Overview pane of the tenant provides personalized insights with actionable guidance to help admins identify opportunities to implement Azure AD recommended practices, and optimize the state of the Azure AD tenant.

New APIs for fetching transitive role assignments and role permissions Public Preview

Service category: Role-based Access Control (RBAC)
Product capability: Access Control

Two new API calls allow for new functionality:

  1. transitiveRoleAssignments: Last year, the ability to assign Azure AD roles to groups was introduced. Originally, it took four calls to fetch all direct and transitive role assignments of a user. This new API call allows it all to be done via one API call.
  2. unifiedRbacResourceAction: Developers can use this API to list all role permissions and their descriptions in Azure AD. This API can be thought of as a dictionary that can help build custom roles without relying on UX.
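
As an added illustration (not code from Microsoft's release notes or from this post), the sketch below builds the single transitiveRoleAssignments request for one user and splits the returned assignments into roles held directly and roles inherited through a role-assignable group, which is the view an access review needs. The function names and the sample response are constructed for this example; it assumes the Microsoft Graph beta endpoint, the ConsistencyLevel header that Graph requires for $count queries, and that an inherited assignment carries the group's ID as principalId.

```python
from urllib.parse import quote

# The preview API is served from the Microsoft Graph beta endpoint.
GRAPH_BETA = "https://graph.microsoft.com/beta"


def build_request(user_id):
    """Return (url, headers) for the one-call lookup of a principal's roles."""
    flt = quote(f"principalId eq '{user_id}'", safe="'")
    url = (f"{GRAPH_BETA}/roleManagement/directory/transitiveRoleAssignments"
           f"?$count=true&$filter={flt}")
    # Advanced queries ($count with $filter) need this header.
    return url, {"ConsistencyLevel": "eventual"}


def split_assignments(user_id, response):
    """Separate directly assigned roles from roles inherited via a group.

    Each result is (roleDefinitionId, directoryScopeId); inherited entries
    also carry the ID of the group that holds the assignment.
    """
    direct, inherited = [], []
    for item in response.get("value", []):
        entry = (item["roleDefinitionId"], item["directoryScopeId"])
        if item["principalId"].lower() == user_id.lower():
            direct.append(entry)
        else:
            inherited.append(entry + (item["principalId"],))
    return direct, inherited


# Constructed sample data: placeholder GUIDs, not real tenant objects.
USER = "11111111-1111-1111-1111-111111111111"
GROUP = "22222222-2222-2222-2222-222222222222"
SAMPLE = {"value": [
    {"id": "assignment-1", "principalId": USER, "directoryScopeId": "/",
     "roleDefinitionId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"},
    {"id": "assignment-2", "principalId": GROUP,
     "directoryScopeId": "/administrativeUnits/cccccccc",
     "roleDefinitionId": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb"},
]}

if __name__ == "__main__":
    print(build_request(USER)[0])
    direct, inherited = split_assignments(USER, SAMPLE)
    print("direct:", direct)
    print("via group:", inherited)
```

Roles that show up only in the inherited list are the ones a per-user review of direct assignments would miss.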

Dynamic administrative unit membership for users and devices Public Preview

Service category: Role-based Access Control (RBAC)
Product capability: Access Control

Administrative Units (AUs) now support dynamic membership rules for user and device members. Instead of manually assigning users and devices to administrative units, admins can set up a query for the AU. The membership will be automatically maintained by Azure AD.

Devices in Administrative Units Public Preview

Service category: Role-based Access Control (RBAC)
Product capability: Authorization/Access Delegation

Devices can now be added as members of AUs. This enables scoped delegation of device permissions to a specific set of devices in the tenant. Built-in and custom roles are also supported.

New Federated Apps in the Azure AD Application gallery

Service category: Enterprise Apps
Product capability: 3rd Party Integration

In March 2022, Microsoft added the following new applications in the Azure AD App gallery with Federation support:

New provisioning connectors in the Azure AD Application Gallery

Service category: App Provisioning
Product capability: 3rd Party Integration

Admins can now automate creating, updating, and deleting user accounts for these newly integrated apps:
