What's New in Entra ID for July 2024

Entra ID, previously known as Azure AD, is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes, and improved security and compliance. In its Release Notes for Entra ID, Microsoft communicated the following planned, new and changed functionality for Entra ID for July 2024:

What's Planned

New SAML applications can't receive tokens through OAuth2/OIDC protocols Generally Available

Service category: Enterprise Apps
Product capability: Developer Experience

Starting late September 2024, applications indicated as 'SAML' applications (via the 'preferredSingleSignOnMode' property of the service principal) can't be issued JWT tokens. This means they can't be the resource application in OIDC, OAuth2.0, or other protocols using JWTs. This change will only affect SAML applications attempting to take a new dependency on JWT-based protocols; existing SAML applications already using these flows won't be affected. This will improve the security of apps.
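
To prepare for the SAML change above, the following added example (not from Microsoft's release notes or this post) inventories service principals marked as SAML and separates those that are already a resource in a JWT-based flow from those that are not. It assumes the records were exported from Microsoft Graph; treating an existing delegated grant or app role assignment as evidence of an existing JWT dependency is an assumption of this example, and all sample records are constructed.

```python
import json

# Constructed sample records shaped like Microsoft Graph objects
# (servicePrincipal, oauth2PermissionGrant, appRoleAssignment); all ids are made up.
SERVICE_PRINCIPALS = json.loads("""[
 {"id": "sp-1", "displayName": "HR Portal", "preferredSingleSignOnMode": "saml"},
 {"id": "sp-2", "displayName": "Expense API", "preferredSingleSignOnMode": "saml"},
 {"id": "sp-3", "displayName": "Wiki", "preferredSingleSignOnMode": "oidc"},
 {"id": "sp-4", "displayName": "Payroll", "preferredSingleSignOnMode": "saml"},
 {"id": "sp-5", "displayName": "Mobile client", "preferredSingleSignOnMode": null}
]""")
OAUTH2_GRANTS = json.loads("""[
 {"clientId": "sp-5", "resourceId": "sp-2", "scope": "Expenses.Read Expenses.Write"},
 {"clientId": "sp-5", "resourceId": "sp-3", "scope": "openid profile"}
]""")
APP_ROLE_ASSIGNMENTS = json.loads("""[
 {"principalId": "sp-5", "resourceId": "sp-4", "appRoleId": "role-0001"}
]""")


def saml_jwt_inventory(service_principals, grants, role_assignments):
    """Split SAML-mode service principals by whether they are already a JWT resource.

    Assumption of this example: a delegated grant or app role assignment whose
    resourceId is the service principal counts as an existing JWT dependency.
    """
    evidence = {}
    for grant in grants:
        scopes = (grant.get("scope") or "").split()
        evidence.setdefault(grant["resourceId"], set()).update(scopes)
    for assignment in role_assignments:
        evidence.setdefault(assignment["resourceId"], set()).add(
            "appRole:" + assignment["appRoleId"])

    report = {"existing_jwt_dependency": {}, "saml_only": []}
    for sp in service_principals:
        mode = (sp.get("preferredSingleSignOnMode") or "").lower()
        if mode != "saml":
            continue  # the change only concerns apps marked as SAML
        if sp["id"] in evidence:
            report["existing_jwt_dependency"][sp["displayName"]] = sorted(evidence[sp["id"]])
        else:
            report["saml_only"].append(sp["displayName"])
    return report


if __name__ == "__main__":
    print(json.dumps(saml_jwt_inventory(
        SERVICE_PRINCIPALS, OAUTH2_GRANTS, APP_ROLE_ASSIGNMENTS), indent=2))
```

Apps listed under `saml_only` are the ones where a newly added OAuth2/OIDC dependency would fall under the change, so any planned API exposure for them is worth reviewing before late September 2024.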

 

What's New

Active Directory Federation Services (AD FS) Application Migration Wizard Generally Available

Service category: AD FS Application Migration
Product capability: Platform

The Active Directory Federation Services (AD FS) application migration wizard allows admins to quickly identify which AD FS relying party applications are compatible with being migrated to Microsoft Entra ID. The tool shows the migration readiness of each application, highlights issues and the suggested actions to remediate them, and guides the admin through preparing an individual application for migration and configuring their new Microsoft Entra application.

Insider Risk condition in Conditional Access Generally Available

Service category: Conditional Access
Product capability: Identity Security & Protection

The Insider Risk condition in Conditional Access is a new feature that leverages signals from Microsoft Purview's Adaptive Protection capability to enhance the detection and automatic mitigation of insider threats. This integration allows organizations to manage and respond to potential insider risks more effectively by using advanced analytics and real-time data.

This is a premium feature and requires an Entra P2 license.

Adversary in the Middle detection alert Generally Available

Service category: Identity Protection
Product capability: Identity Security & Protection

The Adversary in the Middle (AitM) detection in Identity Protection is triggered on a user account that has been compromised by an adversary who intercepted the user's credentials, including tokens that were issued to the user. The risk is identified through Microsoft 365 Defender, and the user is flagged with High risk to trigger the configured Conditional Access policy.

New Federated Apps available in Microsoft Entra Application gallery Generally Available

Service category: Enterprise Apps
Product capability: 3rd Party Integration

In July 2024, Microsoft added the following new applications in the Entra Application Gallery with Federation support:

  1. Fullstory SAML
  2. LSEG Workspace

What's Changed

Easy authentication with Azure App Service and Microsoft Entra External ID Generally Available

Service category: B2C – Consumer Identity Management
Product capability: B2B/B2C

This feature offers an improved experience when using Microsoft Entra External ID as an identity provider for Azure App Service’s built-in authentication, simplifying the process of configuring authentication and authorization for external-facing apps. Admins can complete initial configuration directly from the App Service authentication setup without switching into the external tenant.
